bazarloader | 8ab5c1ec0b309e33dd2928488d6b2f24b95d60f5d2f40d5783cd8c3cfe804213 | Triage

Submit
Reports

Overview

overview

Static

static

qBittorren...nt.exe

windows7-x64

1

qBittorren...nt.exe

windows10-2004-x64

1

qBittorren...st.exe

windows7-x64

7

qBittorren...st.exe

windows10-2004-x64

7

Sharing

General

Target

qBittorrent.zip
Size

57.9MB
Sample

230420-enngaahd7x
MD5

1704b6c1081da2a2fa525680b56285fa
SHA1

b7395c7455ba0f0b776afd7c2a2c32b3450e0f63
SHA256

8ab5c1ec0b309e33dd2928488d6b2f24b95d60f5d2f40d5783cd8c3cfe804213
SHA512

5d04bf503bbbcfa9fe4de40702b4b01bb81dac6797cec6b9ecc3cb37909e96222db8e0ea92c38f2b1315d3cd11402f17d38c01f9c7ec96c1e122568248ff4501
SSDEEP

1572864:jTfrMh+VWugdjt6t+1c4IJazUeiN0K+vJQoFlsDviWXgV3:zMvusjt6tsc4pm0K8RFlNWXgl

Score

10^/10

bazarloader

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

qBittorrent/qbittorrent.exe

Resource

win7-20230220-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

qBittorrent/qbittorrent.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral3

Sample

qBittorrent/uninst.exe

Resource

win7-20230220-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral4

Sample

qBittorrent/uninst.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  qBittorrent/qbittorrent.exe
- Size
  
  28.3MB
- MD5
  
  cb03a80bc17d2d81fd34aab4341e89eb
- SHA1
  
  baf0f8686769ae47ed411e8432028057974a1611
- SHA256
  
  8e6af6cbd3765b8d8c1dd553354a0d4ff9f7fc2eb293704845af7e66a9ccdb0a
- SHA512
  
  f2bc0fefab5c22b9732f506ad47b93108779859f2ba7615c8e0522622cd2587cdb711225d603804f75a28932389b2877ab2f886facbbe5871cd55dc20256bcbe
- SSDEEP
  
  393216:keHUAF/9iRC0o+9xU+q7WndIFdU5cqyRZUSfruM4Jsv6tWKFdu9CCoR1:keHUwy9y9Wn+FK5cbfrVor
Score

1^/10
behavioral1 behavioral2
- Target
  
  qBittorrent/uninst.exe
- Size
  
  140KB
- MD5
  
  cc33af4952b4b2189e34ed18e0d6c70d
- SHA1
  
  5a745a04f6ca237bf64e37f0ccb788d0062cfc5d
- SHA256
  
  cef58c3d26735d7bf7d1ce25298b2aaa18fc65364b3d3105d34cec7bd1d7c6f3
- SHA512
  
  3cfaf859b66f027be8fd8b83a481fde384ee66a94dbfd091b0d40a0e5ddfc8073b4ada88c62ba656c410fbada51b29669d77383209cdca7894b7f1364c5c172a
- SSDEEP
  
  3072:gfY/TU9fE9PEturceAcnb7JmXArwBkFAfR7AaB2lo9aGsxU:2Ya6lmcvJ5rTE7AQaGsxU
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2024

Terms | Privacy