General

  • Target

    38b50040db894ad42d4b708eb9b413d71ec2232bf770e5dcd2dc066bedfc92fe

  • Size

    459KB

  • Sample

    220411-cx8gpsfggm

  • MD5

    33da74109837ef98981cfdbf1bc493f5

  • SHA1

    771633ae2a6c670ed6fce1a12721ff5e6de24db7

  • SHA256

    f09adc8410622acfed2f8f20db54cd1cbba251129b7095c659c5db81dc83d977

  • SHA512

    e3feaaf6439e0bc493474ef132daa57340982d27df82807a24f4427618d8201c5ceab563d5bd8a84697be29eb61d9074b535acd3302a01082cd7a6fef2b4ccb5

Malware Config

Extracted

Family

bazarloader

C2

reddew28c.bazar

Targets

    • Target

      38b50040db894ad42d4b708eb9b413d71ec2232bf770e5dcd2dc066bedfc92fe

    • Size

      710KB

    • MD5

      b9317377f91cfb1aa38184868036886a

    • SHA1

      2fa0122caca56adc5d00395545cedb7ff7870326

    • SHA256

      38b50040db894ad42d4b708eb9b413d71ec2232bf770e5dcd2dc066bedfc92fe

    • SHA512

      02f4abacac498edb8b48083bb8741efe1bcc76a9402539f4b0ab7b5bc763ff92bc0370aed2abc268913bb7653f4c7126d47cc2139230c5e61f824f4fbe31ac52

    • Bazar Loader

      Detected loader normally used to deploy BazarBackdoor malware.

    • Bazar/Team9 Loader payload

MITRE ATT&CK Matrix

Tasks