Overview

overview

10

Static

static

438e65524f...57.dll

windows7_x64

10

438e65524f...57.dll

windows10-2004_x64

10

Analysis

  • max time kernel
    4294181s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20220311-en
  • submitted
    13-04-2022 09:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    438e65524f3aed305bd5965137ca17cd7cff32a2e26b91c37ae0a16b9e696e57.dll

  • Size

    712KB

  • MD5

    115cb0ec229fd573d4dd2185f97a750e

  • SHA1

    356dccb236839ebea822d842fec20123ed9180de

  • SHA256

    438e65524f3aed305bd5965137ca17cd7cff32a2e26b91c37ae0a16b9e696e57

  • SHA512

    7db15f39baf208a3885b6991fe93f69d1905ef97bf52988b7febec76034da8bf70035fb091b58942d3d66dd37178110384ff02360988bb1e9fa7a62a71df49a6

Score
10/10
bazarloaderdropperloader

Malware Config

Extracted

Family

bazarloader

C2

reddew28c.bazar

Signatures

  • Bazar Loader

    Detected loader normally used to deploy BazarBackdoor malware.

    loaderdropperbazarloader
  • Bazar/Team9 Loader payload 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\438e65524f3aed305bd5965137ca17cd7cff32a2e26b91c37ae0a16b9e696e57.dll,#1
    1⤵
      PID:1652

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1652-54-0x0000000001AD0000-0x0000000001AFB000-memory.dmp
      Filesize

      172KB

      Download