General

  • Target

    9a5030ff5c23877a4b426f73dacc684aa11d08723499cf891d998c20ef1a289d

  • Size

    125KB

  • Sample

    220508-t98rnsffej

  • MD5

    a112d432c396de8012e2dfeb982aa241

  • SHA1

    1b3d8b92d7967637f6fc95dc79a810d6523a60ff

  • SHA256

    9a5030ff5c23877a4b426f73dacc684aa11d08723499cf891d998c20ef1a289d

  • SHA512

    6854a42943b9e305c07e3515d721a7097463817ebef412d3f224288677cb6b187c2d8d97d6292dfbcf23f5ea25304c965e700b818205d95d65f73c6bc83372cc

Targets

    • Bazar Loader

      Detected loader normally used to deploy BazarBackdoor malware.

    • Tries to connect to .bazar domain

      Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
