bazarloader | f19a6f7b71b6a5842704e69dd6dd8a9b774e644925e668dc52b07f4df7c8dd73 | Triage

Analysis

max time kernel
136s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
17-03-2022 17:05

Sharing

Report Analysis Logs

General

Target

8b327271374aeedc0277406ec2f1991f2fcaf154aacd8b5e60b0efeee1ae7fe0.dll
Size

711KB
MD5

9a87a6642a3a656e15b427e0aac58658
SHA1

1e656eb070cc9b7f973593ffd8acdf21ee4604cb
SHA256

8b327271374aeedc0277406ec2f1991f2fcaf154aacd8b5e60b0efeee1ae7fe0
SHA512

5a7bf4265915a3ec44dd8f57e95a24c73a4d4a4c251496e4b166db57b894f6a8cca29cccafbe22d655e0f7f756843949a7bf6143ea4ed93bc969139f7304b831

Score

10^/10

bazarloader dropper loader

Malware Config

Signatures

Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
loader dropper bazarloader

Bazar/Team9 Loader payload 1 IoCs

Processes:

resource	yara_rule
behavioral2/memory/600-130-0x0000020EE1BB0000-0x0000020EE1BDB000-memory.dmp	BazarLoaderVar6

BazarLoader 1 IoCs

Processes:

resource	yara_rule
behavioral2/memory/600-130-0x0000020EE1BB0000-0x0000020EE1BDB000-memory.dmp	BazarLoader

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\8b327271374aeedc0277406ec2f1991f2fcaf154aacd8b5e60b0efeee1ae7fe0.dll,#1
1⤵
PID:600

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/600-130-0x0000020EE1BB0000-0x0000020EE1BDB000-memory.dmp

Filesize
172KB

Download