Analysis
-
max time kernel
96s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
10-05-2022 17:48
General
-
Target
4324e519c3af337501924823d25274db909e16cc3805de838157737f948ec255.exe
-
Size
153KB
-
MD5
07312275b8a97fc8a4d6024f889f40aa
-
SHA1
242df9bf507f11468fe9d40994a6bf34b472817a
-
SHA256
4324e519c3af337501924823d25274db909e16cc3805de838157737f948ec255
-
SHA512
1bbdd9bc4072468cb11f218e8e2cbef2ae4d64fa75cbca08d5512482e1faecbf4a2c48f1a5dbbb88afc5a99bedcf72bcab1f0f7d64117594757ad6ad52edb80b
Score
10/10
Malware Config
Signatures
-
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
-
Tries to connect to .bazar domain 1 IoCs
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
Processes
-
C:\Users\Admin\AppData\Local\Temp\4324e519c3af337501924823d25274db909e16cc3805de838157737f948ec255.exe"C:\Users\Admin\AppData\Local\Temp\4324e519c3af337501924823d25274db909e16cc3805de838157737f948ec255.exe"1⤵