Analysis
max time kernel: 41s
max time network: 47s
platform: windows7_x64
resource: win7-20220414-en
submitted: 15-04-2022 09:57
Static task: static1
Behavioral task: behavioral1
  Sample: 288182a8654a0245c56e63f5330ef4a801966089b348e7d8547e8ba969a675e2.dll
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: 288182a8654a0245c56e63f5330ef4a801966089b348e7d8547e8ba969a675e2.dll
  Resource: win10v2004-20220414-en
General
Target: 288182a8654a0245c56e63f5330ef4a801966089b348e7d8547e8ba969a675e2.dll
Size: 710KB
MD5: 19e70f428294c46f8fa9411d5c3fadef
SHA1: 94b8edf941b416d0d4f7c076ac192a72387b3c10
SHA256: 288182a8654a0245c56e63f5330ef4a801966089b348e7d8547e8ba969a675e2
SHA512: 359a29e7b2f76876aad2c7d36ba4da9ec03602a6afa7ec8307bd7dda49688b721861ec1d3d46e21e66fb4b98511093af2d03cf63e1bbf8af63541721206d3fd8
Malware Config
Extracted
bazarloader
reddew28c.bazar
Signatures
Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
Bazar/Team9 Loader payload (1 IoC)
  Processes:
  resource: behavioral1/memory/1336-54-0x0000000001AC0000-0x0000000001AEB000-memory.dmp
  yara_rule: BazarLoaderVar6
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1336-54-0x0000000001AC0000-0x0000000001AEB000-memory.dmp
  Filesize: 172KB