Overview

overview

10

Static

static

1

Nuevo Docu...to.txt

windows7-x64

1

Nuevo Docu...to.txt

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Nuevo Documento de texto.txt

  • Size

    725B

  • Sample

    230317-yscecsbg6v

  • MD5

    74d110b5fc6207c290d9e2500251c5ed

  • SHA1

    5badad950b8d3ebc3f18ca300b1b9b73c4e4d8f8

  • SHA256

    51c4a88dd584a80aa83b6dd8fff7a3152c5cce9fbd66caf3635e7b4e2ad3f076

  • SHA512

    35fc56657c7a0e50fea75d2c8d1b9c697340b3d2f8297ff389acad1c8abc6ec473d032c51c7cc94174c41a7a47913db7511b33886e345d591b71e7922e99c6d2

Score
10/10
bazarloaderdropperloader

Malware Config

Targets

    • Target

      Nuevo Documento de texto.txt

    • Size

      725B

    • MD5

      74d110b5fc6207c290d9e2500251c5ed

    • SHA1

      5badad950b8d3ebc3f18ca300b1b9b73c4e4d8f8

    • SHA256

      51c4a88dd584a80aa83b6dd8fff7a3152c5cce9fbd66caf3635e7b4e2ad3f076

    • SHA512

      35fc56657c7a0e50fea75d2c8d1b9c697340b3d2f8297ff389acad1c8abc6ec473d032c51c7cc94174c41a7a47913db7511b33886e345d591b71e7922e99c6d2

    Score
    10/10
    bazarloaderdropperloader

    • Bazar Loader

      Detected loader normally used to deploy BazarBackdoor malware.

      loaderdropperbazarloader

    • Bazar/Team9 Loader payload

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

2
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks