bazarbackdoor | 9211217318a47e3e7fb79f3edf426088a8029c9d44fc9c77ca9dcf4fb1a67e06 | Triage

Submit
Reports

Overview

overview

Static

static

9211217318...06.exe

windows7_x64

9211217318...06.exe

windows10-2004_x64

Sharing

General

Target

9211217318a47e3e7fb79f3edf426088a8029c9d44fc9c77ca9dcf4fb1a67e06
Size

25.7MB
Sample

220516-b82b4abedl
MD5

a95111407437bd851ae651f847b53e90
SHA1

1b45a51068c128fb97883a671c68cf17b02d2e29
SHA256

9211217318a47e3e7fb79f3edf426088a8029c9d44fc9c77ca9dcf4fb1a67e06
SHA512

18474827161b6e722db1b561171d96bc7d47e3e3f8a0e2bd416b540bdd8d8a3fe772ba7c24f3ad83a0aa3e45008d937a03ce0e0fb6786833da0397396b19cce7

Score

10^/10

bazarbackdoor demonware pyinstaller ransomware

Static task

static1

pyinstaller bazarbackdoor

Behavioral task

behavioral1

Sample

9211217318a47e3e7fb79f3edf426088a8029c9d44fc9c77ca9dcf4fb1a67e06.exe

Resource

win7-20220414-en

demonware ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9211217318a47e3e7fb79f3edf426088a8029c9d44fc9c77ca9dcf4fb1a67e06.exe

Resource

win10v2004-20220414-en

demonware ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  9211217318a47e3e7fb79f3edf426088a8029c9d44fc9c77ca9dcf4fb1a67e06
- Size
  
  25.7MB
- MD5
  
  a95111407437bd851ae651f847b53e90
- SHA1
  
  1b45a51068c128fb97883a671c68cf17b02d2e29
- SHA256
  
  9211217318a47e3e7fb79f3edf426088a8029c9d44fc9c77ca9dcf4fb1a67e06
- SHA512
  
  18474827161b6e722db1b561171d96bc7d47e3e3f8a0e2bd416b540bdd8d8a3fe772ba7c24f3ad83a0aa3e45008d937a03ce0e0fb6786833da0397396b19cce7
Score

10^/10

demonware ransomware
- DemonWare
  Ransomware first seen in mid-2020.
  ransomware demonware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

pyinstallerbazarbackdoor

behavioral1

demonwareransomware

behavioral2

demonwareransomware

© 2018-2024

Terms | Privacy