General
-
Target
38e91adac9a33b3ebb6a0fc54c4f893b
-
Size
476KB
-
Sample
231231-q9zl8abeg8
-
MD5
38e91adac9a33b3ebb6a0fc54c4f893b
-
SHA1
62265ccd164a4606a8447ad79e04bdae2ba2c318
-
SHA256
1e093803d9fa80bbf214b426b573a2114d2a2a931fe58eb39256e5d0461de849
-
SHA512
740af3f6c290bd6af90443de69e4edbcaa8d7050ddafcaa197f2c90c152786429da82a8143b40da2dfb2a0ae7beb6590865c115dcc3d19ed53e311405331811b
-
SSDEEP
12288:0FFMfdUxknJ9H+EVCevvH06JBXTFb5KFYOSXM65LsnUFMJnanMnY:20Ego6JPlzz
Static task
static1
Behavioral task
behavioral1
Sample
38e91adac9a33b3ebb6a0fc54c4f893b.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
38e91adac9a33b3ebb6a0fc54c4f893b.dll
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
38e91adac9a33b3ebb6a0fc54c4f893b
-
Score
10/10
-
Bazar/Team9 Loader payload
-
Tries to connect to .bazar domain
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-