Analysis
max time kernel: 148s
max time network: 153s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 30-12-2023 08:17
Static task: static1
Behavioral task: behavioral1
  Sample: 13362e3682be5d28d2b4245b933d7cfe.dll
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 13362e3682be5d28d2b4245b933d7cfe.dll
  Resource: win10v2004-20231215-en
General
Target: 13362e3682be5d28d2b4245b933d7cfe.dll
Size: 239KB
MD5: 13362e3682be5d28d2b4245b933d7cfe
SHA1: e61511a4897c684436ff87a23da8a73ab782574e
SHA256: 3331b44971d3e258dd09547bcb3f012694dd78e2f88553601ccabd8d779172b1
SHA512: 15ad1d1cdb5359ad3826e1afc324567879e0843db1fa7094c8a96a9ad7143f2647e0c78dff028a69bd8bd8fa8de820488173cbe1810bad7ce5501b0800621983
SSDEEP: 6144:1RlRUtrf4RRT+awNqpKohpb7EUwtqvgGT24s3AVLAaWMCV4jPzxHQu:1nGFuRW0NVQtOgFFWWMfjLdQu
Malware Config
Signatures
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
Bazar/Team9 Loader payload (2 IoCs)
Processes:
resource                                                                    yara_rule
behavioral1/memory/2156-0-0x0000000001D60000-0x0000000001EEC000-memory.dmp  BazarLoaderVar6
behavioral1/memory/2156-1-0x0000000001D60000-0x0000000001EEC000-memory.dmp  BazarLoaderVar6