38b50040db894ad42d4b708eb9b413d71ec2232bf770e5dcd2dc066bedfc92fe

General

Target: 38b50040db894ad42d4b708eb9b413d71ec2232bf770e5dcd2dc066bedfc92fe
Size: 459KB
Sample: 220411-cx8gpsfggm
Score: 10/10
MD5: 33da74109837ef98981cfdbf1bc493f5
SHA1: 771633ae2a6c670ed6fce1a12721ff5e6de24db7
SHA256: f09adc8410622acfed2f8f20db54cd1cbba251129b7095c659c5db81dc83d977
SHA512: e3feaaf6439e0bc493474ef132daa57340982d27df82807a24f4427618d8201c5ceab563d5bd8a84697be29eb61d9074b535acd3302a01082cd7a6fef2b4ccb5

Malware Config

Extracted
Family: bazarloader
C2: reddew28c.bazar

Targets

Target: 38b50040db894ad42d4b708eb9b413d71ec2232bf770e5dcd2dc066bedfc92fe
MD5: b9317377f91cfb1aa38184868036886a
Filesize: 710KB
Score: 10/10
SHA1: 2fa0122caca56adc5d00395545cedb7ff7870326
SHA256: 38b50040db894ad42d4b708eb9b413d71ec2232bf770e5dcd2dc066bedfc92fe
SHA512: 02f4abacac498edb8b48083bb8741efe1bcc76a9402539f4b0ab7b5bc763ff92bc0370aed2abc268913bb7653f4c7126d47cc2139230c5e61f824f4fbe31ac52

Signatures

  • Bazar Loader
    Description: Detected loader normally used to deploy BazarBackdoor malware.

  • Bazar/Team9 Loader payload

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1
behavioral1: 10/10
behavioral2: 10/10