Analysis

  • max time kernel
    163s
  • max time network
    184s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    08-05-2022 01:44

General

  • Target

    dac307d44f4c6ce2e03287d58a29f0c942391d48b50e807af7118e965040c742.exe

  • Size

    155KB

  • MD5

    93379d994bba6bd68214e702cc19c5d7

  • SHA1

    6c2cf81f358f7a2c7e3a549599e7078f8fd0cfdf

  • SHA256

    dac307d44f4c6ce2e03287d58a29f0c942391d48b50e807af7118e965040c742

  • SHA512

    bca38911da66648af1ea87c5c52f2b0c8f6bf7697941a5281346d4870a62580f8f5705fd6cba1197b1fcf2acd85c263a6affade6817966bbbb02c5b2a059a8c7

Malware Config

Signatures

  • Bazar Loader

    Detected a loader normally used to deploy the BazarBackdoor malware.

  • Tries to connect to .bazar domain (1 IoC)

    Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others. .bazar is a blockchain-based TLD (served through EmerDNS rather than the public ICANN DNS root), so a standard stub resolver cannot resolve it; the lookup attempt itself, whether or not it succeeds, is a strong indicator on a host where no alternative resolver is expected.
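The signature above is a DNS-based detection: any query whose top-level label is .bazar is suspect because the ICANN root cannot answer it. The following script is an added example, not part of this sandbox report or of the Triage signature itself; it runs the same check over a constructed, Sysmon-Event-22-style DNS log. The log format, the query names (placeholders, not IOCs from this sample) and the set of blockchain TLDs beyond .bazar are assumptions made for the example; only the PID 4360 and the sample file name come from the report.

```python
"""Flag DNS queries for blockchain TLDs such as .bazar in a DNS log.

Added example, not part of the sandbox report. The log lines below are
constructed for illustration and the query names are placeholders.
"""
import re
from typing import Dict, Iterable, List

# TLDs served only by EmerDNS / alternative roots, never by the ICANN root.
# ".bazar" is the one this report's signature keys on; the others are an
# assumption added here for generality.
BLOCKCHAIN_TLDS = {"bazar", "coin", "emc", "lib"}

# Constructed line format (assumption):  <timestamp> pid=<n> image=<path> query=<name>
LOG_LINE = re.compile(
    r"^(?P<ts>\S+)\s+pid=(?P<pid>\d+)\s+image=(?P<image>\S+)\s+query=(?P<qname>\S+)$"
)


def tld_of(qname: str) -> str:
    """Return the last DNS label, lower-cased, with any trailing root dot stripped."""
    name = qname.rstrip(".").lower()
    return name.rsplit(".", 1)[-1] if name else ""


def is_blockchain_tld_query(qname: str) -> bool:
    """True only when the *final* label is a blockchain TLD.

    'bazar.example.com' must not match: 'bazar' is a subdomain label there,
    and the query would be answered normally by the public DNS.
    """
    return tld_of(qname) in BLOCKCHAIN_TLDS


def scan_dns_log(lines: Iterable[str]) -> List[Dict[str, str]]:
    """Parse each line and return the records whose query hits a blockchain TLD."""
    hits: List[Dict[str, str]] = []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if not m:
            continue  # malformed or unrelated line: skip rather than abort the scan
        rec = m.groupdict()
        if is_blockchain_tld_query(rec["qname"]):
            rec["tld"] = tld_of(rec["qname"])
            hits.append(rec)
    return hits


# Constructed sample log. PID 4360 and the image path mirror the report's process
# entry; the query names are placeholders, not indicators from the sample.
SAMPLE_IMAGE = (
    r"C:\Users\Admin\AppData\Local\Temp"
    r"\dac307d44f4c6ce2e03287d58a29f0c942391d48b50e807af7118e965040c742.exe"
)
SAMPLE_LOG = [
    f"2022-05-08T01:45:02Z pid=4360 image={SAMPLE_IMAGE} query=placeholder-c2.bazar",
    r"2022-05-08T01:45:03Z pid=1234 image=C:\Windows\System32\svchost.exe query=www.microsoft.com",
    f"2022-05-08T01:45:04Z pid=4360 image={SAMPLE_IMAGE} query=bazar.example.com",
    f"2022-05-08T01:45:05Z pid=4360 image={SAMPLE_IMAGE} query=PLACEHOLDER-C2.BAZAR.",
    "this line is not a DNS record and is skipped",
]


if __name__ == "__main__":
    for hit in scan_dns_log(SAMPLE_LOG):
        print(f"{hit['ts']} pid={hit['pid']} tld=.{hit['tld']} query={hit['qname']}")
```

The check is deliberately on the final label only: matching the substring "bazar" anywhere in a name would fire on ordinary hostnames, while a .bazar TLD cannot be reached through the public DNS at all. Case folding and stripping the trailing root dot matter because Sysmon and Zeek both record names exactly as queried.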

Processes

  • C:\Users\Admin\AppData\Local\Temp\dac307d44f4c6ce2e03287d58a29f0c942391d48b50e807af7118e965040c742.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\dac307d44f4c6ce2e03287d58a29f0c942391d48b50e807af7118e965040c742.exe"
    PID: 4360

Network

MITRE ATT&CK Matrix
