Analysis
max time kernel: 134s
max time network: 168s
platform: windows10-2004_x64
resource: win10v2004-en-20220113
submitted: 19-03-2022 12:11
Static task: static1
Behavioral task: behavioral1
Sample: 3985648d781de545cf1209469454b88f7f6e54696b6a050dbb7ba2ba1eae2cec.exe
Resource: win7-20220311-en
Behavioral task: behavioral2
Sample: 3985648d781de545cf1209469454b88f7f6e54696b6a050dbb7ba2ba1eae2cec.exe
Resource: win10v2004-en-20220113
General
Target: 3985648d781de545cf1209469454b88f7f6e54696b6a050dbb7ba2ba1eae2cec.exe
Size: 280KB
MD5: c3ad311ea64ad7981b6451f47ff88202
SHA1: 061cb8020a2ce9e442b158bc2f4f2a349e456279
SHA256: 3985648d781de545cf1209469454b88f7f6e54696b6a050dbb7ba2ba1eae2cec
SHA512: 6df2bbfb42ddf5bae9bc9c1b810b3c8343218aa38a0715e7e16a6ea3bccf77e691165333b1276d7709fbd693a741b949864d67249b710b7afe5c66709529d7ef
Malware Config
Signatures
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
Bazar/Team9 Loader payload 2 IoCs
Processes:
resource    yara_rule
behavioral2/memory/1184-130-0x0000000000A10000-0x0000000000A2B000-memory.dmp    BazarLoaderVar1
behavioral2/memory/1184-134-0x00000000009F0000-0x0000000000A09000-memory.dmp    BazarLoaderVar1