Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

438e65524f3aed305bd5965137ca17cd7cff32a2e26b91c37ae0a16b9e696e57
Size

460KB
Sample

220413-k4j2paaghm
MD5

f2a3b6fe5c228fb7281d726ff0644621
SHA1

90d027758231d4a52b9b7e2c9e75b88ea09858e1
SHA256

55ee67b7bad6f5e4de26d0f88c58dd6f6528327be644d434f21c4b86c1bb4659
SHA512

d2429c5f386f3d09ec1efa5e8506ff6f692d86b1ee86c3b899829e1163a190b5e301a9b7f541eed087718bf86cdcc58ae519520cf7ced0fbb8985e404de9510f

Score

10^/10

bazarloader dropper loader

Malware Config

Extracted

Family	bazarloader
C2	reddew28c.bazar reddew28c.bazar

Targets

- Target
  
  438e65524f3aed305bd5965137ca17cd7cff32a2e26b91c37ae0a16b9e696e57
- Size
  
  712KB
- MD5
  
  115cb0ec229fd573d4dd2185f97a750e
- SHA1
  
  356dccb236839ebea822d842fec20123ed9180de
- SHA256
  
  438e65524f3aed305bd5965137ca17cd7cff32a2e26b91c37ae0a16b9e696e57
- SHA512
  
  7db15f39baf208a3885b6991fe93f69d1905ef97bf52988b7febec76034da8bf70035fb091b58942d3d66dd37178110384ff02360988bb1e9fa7a62a71df49a6
Score

10^/10

bazarloader dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- Bazar/Team9 Loader payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

bazarloaderdropperloader

behavioral2

bazarloaderdropperloader