bazarloader | 49d69772e8a4055b69207c505f3176b80701637a4709cdf27a4a9dbb18d9b004 | Triage

Submit
Reports

Overview

overview

Static

static

9a6dfc7406...18.dll

windows7-x64

1

9a6dfc7406...18.dll

windows10-2004-x64

Sharing

General

Target

9a6dfc74068f4d73da5753e31a80dfd5_JaffaCakes118
Size

160KB
Sample

240402-3tjx2shc5v
MD5

9a6dfc74068f4d73da5753e31a80dfd5
SHA1

631b9dd5bec969826b5eef92d02f884dcb3c7250
SHA256

49d69772e8a4055b69207c505f3176b80701637a4709cdf27a4a9dbb18d9b004
SHA512

1b5a20a52a3e762db43ac886a8deb69656001b4466f6c3bd2fd602272c9352bca046bddca02d7b43332c184c8dd2a86e5e638dfc6f03e6bcfd26fb3540bb20fa
SSDEEP

3072:P9PQyZhGz37cx6a6QEKg1xrrHDaQ9YAikhcSntAJnU+/f:PnWKCR8

Score

10^/10

bazarloader dropper loader

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

9a6dfc74068f4d73da5753e31a80dfd5_JaffaCakes118.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

9a6dfc74068f4d73da5753e31a80dfd5_JaffaCakes118.dll

Resource

win10v2004-20240226-en

bazarloader dropper loader

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

bazarloader

C2

reddew28c.bazar

Targets

- Target
  
  9a6dfc74068f4d73da5753e31a80dfd5_JaffaCakes118
- Size
  
  160KB
- MD5
  
  9a6dfc74068f4d73da5753e31a80dfd5
- SHA1
  
  631b9dd5bec969826b5eef92d02f884dcb3c7250
- SHA256
  
  49d69772e8a4055b69207c505f3176b80701637a4709cdf27a4a9dbb18d9b004
- SHA512
  
  1b5a20a52a3e762db43ac886a8deb69656001b4466f6c3bd2fd602272c9352bca046bddca02d7b43332c184c8dd2a86e5e638dfc6f03e6bcfd26fb3540bb20fa
- SSDEEP
  
  3072:P9PQyZhGz37cx6a6QEKg1xrrHDaQ9YAikhcSntAJnU+/f:PnWKCR8
Score

10^/10

bazarloader dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- Bazar/Team9 Loader payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

bazarloaderdropperloader

© 2018-2024

Terms | Privacy