Analysis
max time kernel: 4294183s
max time network: 132s
platform: windows7_x64
resource: win7-20220311-en
submitted: 31-03-2022 10:56
Static task: static1
Behavioral task: behavioral1
  Sample: dff766c88242e61fef8a9f67f00527150ebd69226458911b2f91c45dd114ff65.dll
  Resource: win7-20220311-en
Behavioral task: behavioral2
  Sample: dff766c88242e61fef8a9f67f00527150ebd69226458911b2f91c45dd114ff65.dll
  Resource: win10v2004-20220310-en
General
Target: dff766c88242e61fef8a9f67f00527150ebd69226458911b2f91c45dd114ff65.dll
Size: 711KB
MD5: 09308c80e9d1322324ee8ed294a911eb
SHA1: 4553b55119b9a7e768d94d3038a4015029e6dcda
SHA256: dff766c88242e61fef8a9f67f00527150ebd69226458911b2f91c45dd114ff65
SHA512: 703e2cb0afaf8de4352daaf31c2e087d854e551e36a015d42eda287978676bfedfcd751c0f7d765ef5bee8dc33a65bca24798a3047cfdf95957f94a6d56eea89
Malware Config
Extracted family: bazarloader
Extracted C2: reddew28c.bazar
Signatures
Bazar Loader: Detected loader normally used to deploy BazarBackdoor malware.
Bazar/Team9 Loader payload (1 IoCs)
  Processes:
    resource: behavioral1/memory/1356-54-0x0000000000290000-0x00000000002BB000-memory.dmp
    yara_rule: BazarLoaderVar6
Downloads
memory/1356-54-0x0000000000290000-0x00000000002BB000-memory.dmp (Filesize: 172KB)