Overview

overview

10

Static

static

7ed66b0d81...0d.exe

windows7_x64

10

7ed66b0d81...0d.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    4294210s
  • max time network
    162s
  • platform
    windows7_x64
  • resource
    win7-20220310-en
  • submitted
    19-03-2022 16:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7ed66b0d81958d709b7f3067f9bdc69c25cbb955506c4a812cf0b6b9a7590f0d.exe

  • Size

    576KB

  • MD5

    949099803fcee51754b88ad6d121fb46

  • SHA1

    17e8270be0f89febf60e9ceda1c7efd7f5e6b9c8

  • SHA256

    7ed66b0d81958d709b7f3067f9bdc69c25cbb955506c4a812cf0b6b9a7590f0d

  • SHA512

    6f7a52429e0a663dd663c7dcfc2477dcfd7343a14bf3a5c7968fbfd7dddec0c21880d1607049b85e961f1a2170a5e325353ebcea0568c2b8d246a39fa69daf93

Score
10/10
bazarbackdoorbazarloaderbackdoordropperloader

Malware Config

Signatures

  • Bazar Loader

    Detected loader normally used to deploy BazarBackdoor malware.

    loaderdropperbazarloader
  • BazarBackdoor

    Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    backdoorbazarbackdoor
  • Bazar/Team9 Backdoor payload 3 IoCs
  • Bazar/Team9 Loader payload 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7ed66b0d81958d709b7f3067f9bdc69c25cbb955506c4a812cf0b6b9a7590f0d.exe
    "C:\Users\Admin\AppData\Local\Temp\7ed66b0d81958d709b7f3067f9bdc69c25cbb955506c4a812cf0b6b9a7590f0d.exe"
    1⤵
      PID:1684

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1684-54-0x000007FEF72D1000-0x000007FEF72D3000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1684-55-0x0000000000390000-0x00000000003E9000-memory.dmp
      Filesize

      356KB

      Download
    • memory/1684-59-0x0000000180000000-0x0000000180058000-memory.dmp
      Filesize

      352KB

      Download
    • memory/1684-64-0x0000000000330000-0x0000000000387000-memory.dmp
      Filesize

      348KB

      Download