Overview

overview

10

Static

static

1

qBittorren...af.exe

windows7-x64

4

qBittorren...af.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    qBittorrentPortable_4.5.2.paf.exe

  • Size

    15.0MB

  • Sample

    230509-capq3sdg93

  • MD5

    83b1ccdde2d2ea442c2f93bbdb5104eb

  • SHA1

    cf2e6b6dd24224b41d74cca4b6c4b738ea9c0f38

  • SHA256

    bce9addd9304f81c854e60e9d40dad0c50d21527c1fe3fb1e9f973147ab1011a

  • SHA512

    67e89951b2582c1375c3dc5db5fdf4b9d4c736596dc28e75faee3f67cb0361b9e9dea649652794a09feb31340ecc4479a4bfe54ce00aa881c98b1cd7fedbe779

  • SSDEEP

    393216:5UXiAFPR1KptgvG9AwUAUrKlWFvv7J5Bpg2a:5Uz1xvG9AwJlm7Hja

Score
10/10
bazarloaderdropperloader

Malware Config

Targets

    • Target

      qBittorrentPortable_4.5.2.paf.exe

    • Size

      15.0MB

    • MD5

      83b1ccdde2d2ea442c2f93bbdb5104eb

    • SHA1

      cf2e6b6dd24224b41d74cca4b6c4b738ea9c0f38

    • SHA256

      bce9addd9304f81c854e60e9d40dad0c50d21527c1fe3fb1e9f973147ab1011a

    • SHA512

      67e89951b2582c1375c3dc5db5fdf4b9d4c736596dc28e75faee3f67cb0361b9e9dea649652794a09feb31340ecc4479a4bfe54ce00aa881c98b1cd7fedbe779

    • SSDEEP

      393216:5UXiAFPR1KptgvG9AwUAUrKlWFvv7J5Bpg2a:5Uz1xvG9AwJlm7Hja

    Score
    10/10
    bazarloaderdropperloader

    • Bazar Loader

      Detected loader normally used to deploy BazarBackdoor malware.

      loaderdropperbazarloader

    • Bazar/Team9 Loader payload

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks