bazarloader | c51bf8c74311b8941dca2f63a0850e61c1058af6af0ac42d81c2d85cd64d37cb | Triage

Submit
Reports

Overview

overview

Static

static

3

bakjr.exe

windows10-1703-x64

Sharing

General

Target

bakjr.exe
Size

248KB
Sample

240315-hm713scd69
MD5

bb5ef523f0bf243790b6c67dd77ee986
SHA1

cbfe325c2101c5f76a3675b23b459eeb641eecb6
SHA256

c51bf8c74311b8941dca2f63a0850e61c1058af6af0ac42d81c2d85cd64d37cb
SHA512

eb9ffe004187d6174cf0cc2f85184e5a524546e1bc7139c1f16147049eadbd92f94818ea618370450779753c87d8349efe255244eef2450e16f9446799cdeef2
SSDEEP

6144:dL8d+BxlwJG25dgtNZfWjBVyRaViIboK:diilKG2ypWjBwjIsK

Score

10^/10

bazarloader dropper loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bakjr.exe

Resource

win10-20240221-en

bazarloader dropper loader

windows10-1703-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  bakjr.exe
- Size
  
  248KB
- MD5
  
  bb5ef523f0bf243790b6c67dd77ee986
- SHA1
  
  cbfe325c2101c5f76a3675b23b459eeb641eecb6
- SHA256
  
  c51bf8c74311b8941dca2f63a0850e61c1058af6af0ac42d81c2d85cd64d37cb
- SHA512
  
  eb9ffe004187d6174cf0cc2f85184e5a524546e1bc7139c1f16147049eadbd92f94818ea618370450779753c87d8349efe255244eef2450e16f9446799cdeef2
- SSDEEP
  
  6144:dL8d+BxlwJG25dgtNZfWjBVyRaViIboK:diilKG2ypWjBwjIsK
Score

10^/10

bazarloader dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- Bazar/Team9 Loader payload
- Tries to connect to .bazar domain
  Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bazarloaderdropperloader

© 2018-2024

Terms | Privacy