Analysis
Max time kernel: 114s
Max time network: 149s
Platform: windows10-2004_x64
Resource: win10v2004-20220331-en
Submitted: 11-04-2022 02:28
Static task: static1
Behavioral task: behavioral1
  Sample: 38b50040db894ad42d4b708eb9b413d71ec2232bf770e5dcd2dc066bedfc92fe.dll
  Resource: win7-20220331-en
Behavioral task: behavioral2
  Sample: 38b50040db894ad42d4b708eb9b413d71ec2232bf770e5dcd2dc066bedfc92fe.dll
  Resource: win10v2004-20220331-en
General
Target: 38b50040db894ad42d4b708eb9b413d71ec2232bf770e5dcd2dc066bedfc92fe.dll
Size: 710KB
MD5: b9317377f91cfb1aa38184868036886a
SHA1: 2fa0122caca56adc5d00395545cedb7ff7870326
SHA256: 38b50040db894ad42d4b708eb9b413d71ec2232bf770e5dcd2dc066bedfc92fe
SHA512: 02f4abacac498edb8b48083bb8741efe1bcc76a9402539f4b0ab7b5bc763ff92bc0370aed2abc268913bb7653f4c7126d47cc2139230c5e61f824f4fbe31ac52
Malware Config
Extracted family: bazarloader
Extracted domain: reddew28c.bazar
Note: the .bazar TLD is not an ICANN zone; Bazar resolves these names through EmerDNS (blockchain-backed DNS), so the domain will not appear in ordinary recursive DNS logs and should be hunted for in the sample's network traffic to EmerDNS resolvers rather than in standard DNS telemetry.
Signatures
Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
Bazar/Team9 Loader payload (1 IoC)
  resource: behavioral2/memory/4672-124-0x000001BCD67C0000-0x000001BCD67EB000-memory.dmp
  yara_rule: BazarLoaderVar6
  The payload signature fired on a memory region dumped from PID 4672 during the Windows 10 run (behavioral2); no matching IoC is listed for the Windows 7 run (behavioral1). The unpacked loader is therefore only available as this in-memory dump, not as a file on disk.
Downloads
memory/4672-124-0x000001BCD67C0000-0x000001BCD67EB000-memory.dmp
  Filesize: 172KB
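The YARA hit under Signatures and the entry under Downloads refer to the same in-memory region, identified by the dump's resource name. The following is an added example, not part of the original report or of any sandbox vendor's tooling: it parses that resource name into PID, dump index and virtual address range, derives the region size from the addresses, and checks it against the reported 172KB before the dump is pulled for offline YARA scanning. The name layout <task>/memory/<pid>-<index>-0x<start>-0x<end>-memory.dmp is inferred from the single name shown above and is assumed to hold for other dumps; the REPORT_IOCS and REPORT_DOWNLOADS dictionaries are constructed from this page.

```python
"""Cross-check a sandbox report's memory-dump IoC against its download entry.

Added example, not from the original report. The dump-name layout and the
rounding behaviour of the reported size are assumptions stated in the lead-in.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed from the report above: the one YARA hit and the one download.
REPORT_IOCS = {
    "behavioral2/memory/4672-124-0x000001BCD67C0000-0x000001BCD67EB000-memory.dmp": "BazarLoaderVar6",
}
REPORT_DOWNLOADS = {
    "memory/4672-124-0x000001BCD67C0000-0x000001BCD67EB000-memory.dmp": "172KB",
}

# Assumed layout: [<task>/]memory/<pid>-<index>-0x<start>-0x<end>-memory.dmp
_DUMP_RE = re.compile(
    r"^(?:(?P<task>[^/]+)/)?memory/(?P<pid>\d+)-(?P<index>\d+)"
    r"-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)
_SIZE_RE = re.compile(r"^\s*(\d+(?:\.\d+)?)\s*([KMG]?B)\s*$", re.IGNORECASE)
_UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}
PAGE = 0x1000  # x64 Windows small-page size


@dataclass(frozen=True)
class MemoryDump:
    name: str
    task: Optional[str]
    pid: int
    index: int
    start: int  # virtual address where the dumped region begins
    end: int    # one past the last dumped byte

    @property
    def size(self) -> int:
        return self.end - self.start

    @property
    def page_aligned(self) -> bool:
        # A region dumped from the process's page tables starts and ends on page boundaries.
        return self.start % PAGE == 0 and self.end % PAGE == 0

    @property
    def key(self) -> str:
        # Download entries omit the task prefix, so join on everything from "memory/" onwards.
        return self.name[self.name.index("memory/"):]


def parse_dump_name(name: str) -> MemoryDump:
    m = _DUMP_RE.match(name)
    if m is None:
        raise ValueError(f"not a memory-dump resource name: {name!r}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError(f"empty or inverted address range in {name!r}")
    return MemoryDump(name, m["task"], int(m["pid"]), int(m["index"]), start, end)


def parse_size(text: str) -> Tuple[int, int]:
    """Return (size_in_bytes, unit_in_bytes) for a report size such as '172KB'."""
    m = _SIZE_RE.match(text)
    if m is None:
        raise ValueError(f"unrecognised size: {text!r}")
    unit = _UNITS[m[2].upper()]
    return int(float(m[1]) * unit), unit


def size_matches(dump: MemoryDump, reported: str) -> bool:
    """Reports show whole units, so accept a region within one unit of the stated size."""
    expected, unit = parse_size(reported)
    return abs(dump.size - expected) < unit


def cross_check(iocs: Dict[str, str], downloads: Dict[str, str]) -> List[dict]:
    """Join each YARA hit on an in-memory region with its download entry and validate the size."""
    rows = []
    for name, rule in iocs.items():
        dump = parse_dump_name(name)
        reported = downloads.get(dump.key)
        rows.append({
            "task": dump.task,
            "pid": dump.pid,
            "rule": rule,
            "start": dump.start,
            "size": dump.size,
            "page_aligned": dump.page_aligned,
            "reported_size": reported,
            "size_ok": reported is not None and size_matches(dump, reported),
        })
    return rows


if __name__ == "__main__":
    for row in cross_check(REPORT_IOCS, REPORT_DOWNLOADS):
        print(row)
```

For the region above, the address range 0x000001BCD67C0000-0x000001BCD67EB000 spans 0x2B000 bytes (176128), which is exactly 172KB, and both ends fall on 4 KiB page boundaries, so the download is the full dumped region rather than a carved fragment. A mismatch between the address-derived size and the reported size would mean the dump was truncated or renamed and should not be trusted as-is for rule development.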