Analysis
max time kernel: 41s
max time network: 45s
platform: windows7_x64
resource: win7-20220331-en
submitted: 08-04-2022 07:26
Static task: static1
Behavioral task: behavioral1
  Sample: 3d8771a2884d27a29146f5343b0ad76345b0d266e22f3827aaf808fb361685ef.dll
  Resource: win7-20220331-en
Behavioral task: behavioral2
  Sample: 3d8771a2884d27a29146f5343b0ad76345b0d266e22f3827aaf808fb361685ef.dll
  Resource: win10v2004-20220331-en
General
Target: 3d8771a2884d27a29146f5343b0ad76345b0d266e22f3827aaf808fb361685ef.dll
Size: 711KB
MD5: 022ee0d90aeb71edc5833e2a278b9250
SHA1: 9b7128792ff18050a7cb3bf9d4b00010da0f6726
SHA256: 3d8771a2884d27a29146f5343b0ad76345b0d266e22f3827aaf808fb361685ef
SHA512: 2434d735eca91f0f2aeaa79f3c696abe9e66ecd2cac7d36585fbd89be816588274cf17796c7aa17987e587171db0627ecb1274b4e7efb8b342e3071f6f8e4c06
Malware Config
Extracted
  Family: bazarloader
  C2: reddew28c.bazar
Signatures
Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
Bazar/Team9 Loader payload (1 IoC)
  Processes:
  resource | yara_rule
  behavioral1/memory/1076-54-0x0000000001AF0000-0x0000000001B1B000-memory.dmp | BazarLoaderVar6
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1076-54-0x0000000001AF0000-0x0000000001B1B000-memory.dmp
  Filesize: 172KB
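Two checks a triager would run on this report, added here as an example and not part of the sandbox's own code or output. First, the memory dump name encodes the PID, a sequence number and the virtual address range the BazarLoaderVar6 YARA rule matched on; the range size should equal the 172KB listed under Downloads, which confirms the dump is the full region rather than a partial carve. Second, the extracted C2 reddew28c.bazar uses the .bazar TLD, which is not an ICANN TLD but an EmerDNS name resolved through OpenNIC-style resolvers, so a normal corporate resolver returns NXDOMAIN; the query itself is the hunting signal, resolved or not. The dump name, size and C2 are copied from the report; the DNS log lines and their format are constructed for the example, and the page-alignment check is an assumption about how the sandbox names region dumps.

```python
import re

# Values copied from the report above.
REPORTED_DUMP = "1076-54-0x0000000001AF0000-0x0000000001B1B000-memory.dmp"
REPORTED_DUMP_SIZE_KB = 172
EXTRACTED_C2 = "reddew28c.bazar"

PAGE = 0x1000  # assumption: region bounds in dump names are page aligned

DUMP_RE = re.compile(
    r"^(?P<pid>\d+)-(?P<seq>\d+)-"
    r"0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)


def parse_dump_name(name):
    """Split '<pid>-<seq>-0x<start>-0x<end>-memory.dmp' into its parts.
    Returns a dict with pid, seq, start, end and size, or None if the
    name does not follow that pattern."""
    m = DUMP_RE.match(name)
    if not m:
        return None
    start = int(m.group("start"), 16)
    end = int(m.group("end"), 16)
    if end <= start:
        return None
    return {
        "pid": int(m.group("pid")),
        "seq": int(m.group("seq")),
        "start": start,
        "end": end,
        "size": end - start,
        "page_aligned": start % PAGE == 0 and end % PAGE == 0,
    }


def dump_covers_whole_region(name, reported_kb):
    """True when the listed file size equals the address range in the name,
    i.e. the download is the complete region the YARA rule fired on."""
    info = parse_dump_name(name)
    if info is None:
        return False
    return info["size"] % 1024 == 0 and info["size"] // 1024 == reported_kb


# Constructed DNS log lines (not from the report): timestamp, client, "query", type, qname.
SAMPLE_DNS_LOG = """\
2022-04-08T07:26:41Z 10.0.2.15 query A www.msftncsi.com
2022-04-08T07:26:42Z 10.0.2.15 query A reddew28c.bazar
2022-04-08T07:26:43Z 10.0.2.15 query A example.com
2022-04-08T07:26:44Z 10.0.2.15 query A update.bazar.example.org
2022-04-08T07:26:45Z 10.0.2.15 query A REDDEW28C.BAZAR.
"""


def find_bazar_queries(log_text):
    """Return the distinct queried names whose TLD is .bazar, in order of first
    appearance. Matches on the final label only, so 'bazar' appearing inside
    an ordinary domain (update.bazar.example.org) is not a hit."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 5:
            continue
        qname = parts[4].rstrip(".").lower()
        if qname.endswith(".bazar") and qname not in hits:
            hits.append(qname)
    return hits


def matches_extracted_c2(log_text, c2=EXTRACTED_C2):
    """True if the extracted C2 from the report was queried in the log."""
    return c2.lower() in find_bazar_queries(log_text)


if __name__ == "__main__":
    info = parse_dump_name(REPORTED_DUMP)
    print(f"pid={info['pid']} region=0x{info['start']:X}-0x{info['end']:X} "
          f"size=0x{info['size']:X} ({info['size'] // 1024} KB)")
    print("dump is whole region:", dump_covers_whole_region(REPORTED_DUMP, REPORTED_DUMP_SIZE_KB))
    print(".bazar queries:", find_bazar_queries(SAMPLE_DNS_LOG))
    print("extracted C2 seen:", matches_extracted_c2(SAMPLE_DNS_LOG))
```

The region 0x1AF0000 to 0x1B1B000 is 0x2B000 bytes, exactly 172KB, and both bounds are page aligned, so the 172KB download is the whole matched region. For hunting, the TLD test is deliberately on the last label only: substring matching on "bazar" produces false positives on ordinary domains, while a genuine .bazar query from an endpoint is rare enough to be worth an alert on its own.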