24f692b4ee982a145abf12c5c99079cfbc39e40bd64a3c07defaf36c7f75c7a9.zip

General

Target: 24f692b4ee982a145abf12c5c99079cfbc39e40bd64a3c07defaf36c7f75c7a9.zip
Size: 154KB
Sample: 220513-nsgc7sfaf9
Score: 10/10
MD5: 04f0ef4270f1b8be619efdf638211bb1
SHA1: 42ed5c024e7e7a357b971cb0e7ef6df3c2afeaf9
SHA256: 6d86a2bc4e194b802ac5e1a05bff69f9a6cc28a947780db9248845b22b2025bb
SHA512: a40a278505d6c81d43b4eddf67fc473a90e70fdce7b56e6ba5c3a7e99ed03ee33684fe32131e58425bd072471467512142363602129dd9a388db9bd5c8f0d88a

Targets

Target: 24f692b4ee982a145abf12c5c99079cfbc39e40bd64a3c07defaf36c7f75c7a9.exe
Filesize: 285KB
Score: 10/10
MD5: 215e0accdf538d48a8a7bf79009e8f9b
SHA1: 4ff45fb8003ab1075bdbbc9d044b7c31374f3cdb
SHA256: 24f692b4ee982a145abf12c5c99079cfbc39e40bd64a3c07defaf36c7f75c7a9
SHA512: 39139d9ae3149eae6185878eb1943f233b7c7c503fd66a4c1f58deab46b451adaec3c939521dc7d6b2d4e3e6456a429c4591430943ac6bfd3381654d68c27443

Signatures

  • Bazar Loader: detected loader normally used to deploy BazarBackdoor malware.
  • Bazar/Team9 Loader payload
  • Blocklisted process makes network request

Tasks

  • static1
  • behavioral1
  • Score: 10/10