bazarloader | d2e152367f090ef86c4091af9c06153589bbf6cdc84e6a0600b711878ad7d1f4 | Triage

Submit
Reports

Overview

overview

Static

static

1

adharsh.zip

windows10-2004-x64

Sharing

General

Target

adharsh.crx
Size

79KB
Sample

230912-snljksdf7y
MD5

047e8e17f213d63b9a98adc2023e5e14
SHA1

d0e6e628acee1c7a3cfde783db081e956a03afb9
SHA256

d2e152367f090ef86c4091af9c06153589bbf6cdc84e6a0600b711878ad7d1f4
SHA512

6ac4ab33bba0ad1eae70b488b93a63746c22103d008efe6b95074da7ff92f4b3b082f2bb333927b7b852dfa9b7d777bcef3d20de056fd7ed2319e520e5cc411d
SSDEEP

1536:hsSwONM/Ri97ixU7L3O6f1Ty3o3qKdLT1s2KKmgVfWyS0MjIoiv:hsSNW/RiNiuL3OG1/3vJT1YKmgAFiv

Score

10^/10

bazarloader discovery dropper loader

Static task

static1

Behavioral task

behavioral1

Sample

adharsh.zip

Resource

win10v2004-20230831-en

bazarloader discovery dropper loader

windows10-2004-x64

20 signatures

1800 seconds

Malware Config

Targets

- Target
  
  adharsh.crx
- Size
  
  79KB
- MD5
  
  047e8e17f213d63b9a98adc2023e5e14
- SHA1
  
  d0e6e628acee1c7a3cfde783db081e956a03afb9
- SHA256
  
  d2e152367f090ef86c4091af9c06153589bbf6cdc84e6a0600b711878ad7d1f4
- SHA512
  
  6ac4ab33bba0ad1eae70b488b93a63746c22103d008efe6b95074da7ff92f4b3b082f2bb333927b7b852dfa9b7d777bcef3d20de056fd7ed2319e520e5cc411d
- SSDEEP
  
  1536:hsSwONM/Ri97ixU7L3O6f1Ty3o3qKdLT1s2KKmgVfWyS0MjIoiv:hsSNW/RiNiuL3OG1/3vJT1YKmgAFiv
Score

10^/10

bazarloader discovery dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- Bazar/Team9 Loader payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bazarloaderdiscoverydropperloader

© 2018-2024

Terms | Privacy