Analysis
max time kernel
43s
max time network
45s
platform
windows7_x64
resource
win7-20220331-en
submitted
11-04-2022 02:47
Static task
static1
Behavioral task
behavioral1
Sample
9316151281933378940113971c5537a5bb8f95db2ebfb9ffefad3dbdecb3fdde.dll
Resource
win7-20220331-en
Behavioral task
behavioral2
Sample
9316151281933378940113971c5537a5bb8f95db2ebfb9ffefad3dbdecb3fdde.dll
Resource
win10v2004-20220331-en
General
-
Target
9316151281933378940113971c5537a5bb8f95db2ebfb9ffefad3dbdecb3fdde.dll
-
Size
711KB
-
MD5
58a05ac00c48837f62ba94a700106f0f
-
SHA1
5e0b655b35ac7a997df7c6c885daa9099d4058a6
-
SHA256
9316151281933378940113971c5537a5bb8f95db2ebfb9ffefad3dbdecb3fdde
-
SHA512
faddfea12218981589c5965488e278358efc31463a98df4daa2fb4b7d9ae369401079310831f5fea794fe261310954186c354ca05fedab9161895e1510561544
Malware Config
Extracted
bazarloader
reddew28c.bazar
Signatures
-
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
-
Bazar/Team9 Loader payload
1 IoCs
Processes:
resource
behavioral1/memory/1028-54-0x0000000000120000-0x000000000014B000-memory.dmp
yara_rule
BazarLoaderVar6
Downloads
-
memory/1028-54-0x0000000000120000-0x000000000014B000-memory.dmp
Filesize
172KB