General
-
Target
98ed90d195c526a149a4df51da593f9a
-
Size
338KB
-
Sample
240213-j61lsaef97
-
MD5
98ed90d195c526a149a4df51da593f9a
-
SHA1
0dc8a9522b390770f5d46d50703e677cd1326a06
-
SHA256
aecaf4d991c7932cdb64113ab26248a302171b91584ad20055217ce75ed41ae9
-
SHA512
3de7e734b32702e7fe004ab2b8b7a9fd4e60e799b04912228fab16ab3edf16e6d5f080c8760f0621644649073344e1085e340076c29f3c53caddb54e11faea41
-
SSDEEP
6144:uZwKn8bxurvfUCEs7I4V2PsqHMc/PZ6RguROla0CWecIdn9TCwC6d6:zTbxuLfUCR2kQMgZ6W4OIePA6
Static task
static1
Behavioral task
behavioral1
Sample
98ed90d195c526a149a4df51da593f9a.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
98ed90d195c526a149a4df51da593f9a.dll
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
98ed90d195c526a149a4df51da593f9a
-
Size
338KB
-
MD5
98ed90d195c526a149a4df51da593f9a
-
SHA1
0dc8a9522b390770f5d46d50703e677cd1326a06
-
SHA256
aecaf4d991c7932cdb64113ab26248a302171b91584ad20055217ce75ed41ae9
-
SHA512
3de7e734b32702e7fe004ab2b8b7a9fd4e60e799b04912228fab16ab3edf16e6d5f080c8760f0621644649073344e1085e340076c29f3c53caddb54e11faea41
-
SSDEEP
6144:uZwKn8bxurvfUCEs7I4V2PsqHMc/PZ6RguROla0CWecIdn9TCwC6d6:zTbxuLfUCR2kQMgZ6W4OIePA6
Score10/10-
Bazar/Team9 Loader payload
-
Blocklisted process makes network request
-
Tries to connect to .bazar domain
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-