Malware Analysis Report

2025-01-02 12:06

Sample ID: 221026-1tpgeshcf7
Target: f4a5fe23e21b6b7d63fa2d2c96a4bc4a34b40fd40a921b237a50a5976fe16001_dump7_0x0000000140000000
SHA256: 2aad956658fc870380798e409b59f0c2bfcb42aab0d49c40feb3437ed36186fb
Tags: bazarbackdoor
Score: 10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score: 10/10

SHA256: 2aad956658fc870380798e409b59f0c2bfcb42aab0d49c40feb3437ed36186fb

Threat Level: Known bad

The file f4a5fe23e21b6b7d63fa2d2c96a4bc4a34b40fd40a921b237a50a5976fe16001_dump7_0x0000000140000000 was found to be: Known bad.

Malicious Activity Summary

bazarbackdoor

Bazar/Team9 Backdoor payload

Bazarbackdoor family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported: 2022-10-26 21:56

Signatures

Bazar/Team9 Backdoor payload

Description    Indicator    Process    Target
N/A            N/A          N/A        N/A

Bazarbackdoor family

bazarbackdoor

Analysis: behavioral1

Detonation Overview

Submitted: 2022-10-26 21:56

Reported: 2022-10-26 22:16

Platform: win7-20220901-en

Max time kernel: 427s

Max time network: 431s

Command Line

"C:\Users\Admin\AppData\Local\Temp\f4a5fe23e21b6b7d63fa2d2c96a4bc4a34b40fd40a921b237a50a5976fe16001_dump7_0x0000000140000000.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\f4a5fe23e21b6b7d63fa2d2c96a4bc4a34b40fd40a921b237a50a5976fe16001_dump7_0x0000000140000000.exe

"C:\Users\Admin\AppData\Local\Temp\f4a5fe23e21b6b7d63fa2d2c96a4bc4a34b40fd40a921b237a50a5976fe16001_dump7_0x0000000140000000.exe"

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted: 2022-10-26 21:56

Reported: 2022-10-26 22:06

Platform: win10v2004-20220812-en

Max time kernel: 0s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A