Analysis

  • max time kernel
    145s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220331-en
  • submitted
    08-04-2022 07:26

General

  • Target

    3d8771a2884d27a29146f5343b0ad76345b0d266e22f3827aaf808fb361685ef.dll

  • Size

    711KB

  • MD5

    022ee0d90aeb71edc5833e2a278b9250

  • SHA1

    9b7128792ff18050a7cb3bf9d4b00010da0f6726

  • SHA256

    3d8771a2884d27a29146f5343b0ad76345b0d266e22f3827aaf808fb361685ef

  • SHA512

    2434d735eca91f0f2aeaa79f3c696abe9e66ecd2cac7d36585fbd89be816588274cf17796c7aa17987e587171db0627ecb1274b4e7efb8b342e3071f6f8e4c06

Malware Config

Extracted

Family

bazarloader

C2

reddew28c.bazar

Signatures

  • Bazar Loader

    Detected loader normally used to deploy BazarBackdoor malware.

  • Bazar/Team9 Loader payload 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3d8771a2884d27a29146f5343b0ad76345b0d266e22f3827aaf808fb361685ef.dll,#1
      PID:1692


Downloads

  • memory/1692-124-0x000001881E110000-0x000001881E13B000-memory.dmp
    Filesize
    172KB