bazarloader | 25cdf658c6e625b0056a1f737dc039ab6de8e25015ca0433b593fe448d07aab3 | Triage

Submit
Reports

Overview

overview

Static

static

1

я его ...о.mp4

windows7-x64

Sharing

General

Target

я его боюсь этого пидораса ебаного.mp4
Size

513KB
Sample

230724-zzq2rshf8t
MD5

1d5a3ef77c864d185322f524d1939463
SHA1

52df87b92e3340a97beb4bb4e2916981b32d01a9
SHA256

25cdf658c6e625b0056a1f737dc039ab6de8e25015ca0433b593fe448d07aab3
SHA512

6947c42f49113d48aea5cc5d2e919e1852234f79a6a7eacd807bb04420b85eb17d5988309aaa923afafb6ad2e7cd4fa84f719571958f058699baced987230fef
SSDEEP

12288:U14S+RBfnkuJm3FYyyMxceOg0ivZ33bx1rrPprskzZ4LBnGrWj:04rcuJm3FYyyMxceBvvV1Lo11GrI

Score

10^/10

bazarloader discovery dropper loader

Static task

static1

Behavioral task

behavioral1

Sample

я его боюсь этого пидораса ебаного.mp4

Resource

win7-20230712-en

bazarloader discovery dropper loader

windows7-x64

19 signatures

1800 seconds

Malware Config

Targets

- Target
  
  я его боюсь этого пидораса ебаного.mp4
- Size
  
  513KB
- MD5
  
  1d5a3ef77c864d185322f524d1939463
- SHA1
  
  52df87b92e3340a97beb4bb4e2916981b32d01a9
- SHA256
  
  25cdf658c6e625b0056a1f737dc039ab6de8e25015ca0433b593fe448d07aab3
- SHA512
  
  6947c42f49113d48aea5cc5d2e919e1852234f79a6a7eacd807bb04420b85eb17d5988309aaa923afafb6ad2e7cd4fa84f719571958f058699baced987230fef
- SSDEEP
  
  12288:U14S+RBfnkuJm3FYyyMxceOg0ivZ33bx1rrPprskzZ4LBnGrWj:04rcuJm3FYyyMxceBvvV1Lo11GrI
Score

10^/10

bazarloader discovery dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- Bazar/Team9 Loader payload
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1947) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bazarloaderdiscoverydropperloader

© 2018-2024

Terms | Privacy