Analysis
-
max time kernel
131s -
max time network
30s -
platform
windows7_x64 -
resource
win7-20230621-en -
resource tags
arch:x64 arch:x86 image:win7-20230621-en locale:en-us os:windows7-x64 system -
submitted
30-06-2023 12:44
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
fileman.dll
Resource
win7-20230621-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
fileman.dll
Resource
win10v2004-20230621-en
windows10-2004-x64
3 signatures
150 seconds
General
-
Target
fileman.dll
-
Size
213KB
-
MD5
6f3be0dfe6b5971b16464b7924772445
-
SHA1
8af5e975c00f5bdbd843f644a60adbb5f8da8a0d
-
SHA256
b51cb6fa584a073fe95bcf8749cf84363cb431f520a5d97cec92aae88329b7cb
-
SHA512
a1a8d49ec7610c37284a2e9f7409f1f93343c7d9c676985b9a3759388835880e7e376451e89294654cb4fc0f6c6386876896da50347c8bc4a98b80b1825cd5ef
-
SSDEEP
3072:GmmcI7/mAuyLKfrsP5PUD1jB8pZbiYbrmdwDb2lyZi4oRWLuaW5FxvwR0N:/jI7uzfrkAjBoZ1bRi2JYx
Score
10/10
Malware Config
Signatures
-
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/924-54-0x00000000001D0000-0x00000000001F0000-memory.dmp
Filesize
128KB