bazarloader | a9ab6451237742034b36e97486bdeaec4882af357905f51ff5d9cdbccdb2b97c[.]sample | Triage

Submit
Reports

Overview

overview

Static

static

a9ab645123...7c.dll

windows7-x64

1

a9ab645123...7c.dll

windows10-2004-x64

1

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a9ab6451237742034b36e97486bdeaec4882af357905f51ff5d9cdbccdb2b97c.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

a9ab6451237742034b36e97486bdeaec4882af357905f51ff5d9cdbccdb2b97c.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

a9ab6451237742034b36e97486bdeaec4882af357905f51ff5d9cdbccdb2b97c.sample
Size

111KB
MD5

dfe984ddbd70d1565348f9c412d73344
SHA1

62beb178f980a3fa69ecb97bf0bd5a8e5c3b977d
SHA256

a9ab6451237742034b36e97486bdeaec4882af357905f51ff5d9cdbccdb2b97c
SHA512

3a48b7a20b537843e5401f7275bcc434ea7dad66f9b8e75f3158aae3b1d37d53a32da5cd15b797fb4428f21a932982fa84ad7e05c8bb93876f786dd43f94a703
SSDEEP

3072:y6uKE8I878TMqmveIH3BWdUuaNIhmcNiDxRz1ncSoJ:yWRI+GIH3BvuSCmttcS

Score

10^/10

bazarloader

Malware Config

Extracted

Family

bazarloader

C2

144.217.50.242

5.39.63.103

94.140.113.53

185.163.45.95

reddew28c.bazar

bluehail.bazar

whitestorm9p.bazar

Signatures

Bazarloader family
bazarloader

Files

a9ab6451237742034b36e97486bdeaec4882af357905f51ff5d9cdbccdb2b97c.sample
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

BetweenDo
LeaveWoman
MeAgainst
SkMpNGC
WorkDown
oX540Y0NQ
sAnatSkn

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy