Analysis
max time kernel: 42s
max time network: 45s
platform: windows7_x64
resource: win7-20220331-en
submitted: 04-04-2022 07:40
Static task: static1
Behavioral task: behavioral1
  Sample: 4307ca821d8f15f782955bdbe4740021720fd61832f174f9d06ee9e22e27bb64.dll
  Resource: win7-20220331-en
Behavioral task: behavioral2
  Sample: 4307ca821d8f15f782955bdbe4740021720fd61832f174f9d06ee9e22e27bb64.dll
  Resource: win10v2004-20220331-en
General
Target: 4307ca821d8f15f782955bdbe4740021720fd61832f174f9d06ee9e22e27bb64.dll
Size: 712KB
MD5: 30b62d95ce73f71d66569da1f5efa085
SHA1: 6bcc28b7bd2dfbd18c96c4d7ea4f3ce878fd1e03
SHA256: 4307ca821d8f15f782955bdbe4740021720fd61832f174f9d06ee9e22e27bb64
SHA512: 174afecbc2f1d10dddab3f95e2855cdba040962f8db28d687372c2209724da45c6d4ef3e65608e8a730321e7effb3e39f1d823886a082c3c7b7a3c9a9d34fb65
Malware Config
Extracted: bazarloader
  reddew28c.bazar
Signatures
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
Bazar/Team9 Loader payload (1 IoC)
Processes:
  resource: behavioral1/memory/1764-54-0x0000000000290000-0x00000000002BB000-memory.dmp
  yara_rule: BazarLoaderVar6
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1764-54-0x0000000000290000-0x00000000002BB000-memory.dmp
  Filesize: 172KB