Analysis
max time kernel: 42s
max time network: 46s
platform: windows7_x64
resource: win7-20220331-en
submitted: 04-04-2022 00:33
Static task: static1
Behavioral task: behavioral1
Sample: f4a3a445146a23e58331d5f6427070283cff1c0439a34cb15a6b172f0657563e.dll
Resource: win7-20220331-en
Behavioral task: behavioral2
Sample: f4a3a445146a23e58331d5f6427070283cff1c0439a34cb15a6b172f0657563e.dll
Resource: win10v2004-20220331-en
General
Target: f4a3a445146a23e58331d5f6427070283cff1c0439a34cb15a6b172f0657563e.dll
Size: 711KB
MD5: e30d680751d8931d86e9dda3c1ac43fb
SHA1: 14f830d579507adf88e4d912b45705726b75b0a3
SHA256: f4a3a445146a23e58331d5f6427070283cff1c0439a34cb15a6b172f0657563e
SHA512: 33cfdac113e3629ce311cf87f91fc42e4f27bf7cd046a655c5d78dafcec50ab8085e95ff96a0ac36f40c8e2614246a003524d79497a9a48f6a9510bb645254b5
Malware Config
Extracted family: bazarloader
Extracted C2 domain: reddew28c.bazar
Signatures
Bazar Loader: detected loader normally used to deploy BazarBackdoor malware.
Bazar/Team9 Loader payload (1 IoC)
Processes:
resource: behavioral1/memory/1172-54-0x0000000001AC0000-0x0000000001AEB000-memory.dmp
yara_rule: BazarLoaderVar6
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1172-54-0x0000000001AC0000-0x0000000001AEB000-memory.dmp
Filesize: 172KB