bazarloader | a95a39a8701661fcd9eec6dbf78f8099be1edfa145fb7d43a0105ec82f97df8f | Triage

Submit
Reports

Overview

overview

Static

static

3

qbittorrent-4-5-5.exe

windows10-2004-x64

Resubmissions

28-09-2023 19:47

230928-yhmscafd87 10

26-09-2023 10:31

230926-mklghshg36 10

Sharing

General

Target

qbittorrent-4-5-5.exe
Size

31.5MB
Sample

230928-yhmscafd87
MD5

a1e3d62bb16c2fef5fba7d2899796239
SHA1

841c7c16a30ca3a2ec77148b2fcd250ce9335830
SHA256

a95a39a8701661fcd9eec6dbf78f8099be1edfa145fb7d43a0105ec82f97df8f
SHA512

121401f7df8f4cd01ecc5205510ad4d824ca7208ddb69bb9a5e4678359e82005d76b20467662878975a739f41236edc8581f61279bae278dbb5c7206058def59
SSDEEP

786432:rDRS7fOdUC+EQNLErJ5L8xPEP9vnzfrnfHo9ft03Pvy96VgQCGq7NBwq:rp1+EQNLkJO2pnvnfIfq3P6YCn7H

Score

10^/10

bazarloader discovery dropper loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

qbittorrent-4-5-5.exe

Resource

win10v2004-20230915-en

bazarloader discovery dropper loader

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  qbittorrent-4-5-5.exe
- Size
  
  31.5MB
- MD5
  
  a1e3d62bb16c2fef5fba7d2899796239
- SHA1
  
  841c7c16a30ca3a2ec77148b2fcd250ce9335830
- SHA256
  
  a95a39a8701661fcd9eec6dbf78f8099be1edfa145fb7d43a0105ec82f97df8f
- SHA512
  
  121401f7df8f4cd01ecc5205510ad4d824ca7208ddb69bb9a5e4678359e82005d76b20467662878975a739f41236edc8581f61279bae278dbb5c7206058def59
- SSDEEP
  
  786432:rDRS7fOdUC+EQNLErJ5L8xPEP9vnzfrnfHo9ft03Pvy96VgQCGq7NBwq:rp1+EQNLkJO2pnvnfIfq3P6YCn7H
Score

10^/10

bazarloader discovery dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- Bazar/Team9 Loader payload
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bazarloaderdiscoverydropperloader

© 2018-2024

Terms | Privacy