bazarloader | 5ceb28316f29c3912332065eeaaebf59f10d79cd9388ef2a7802b9bb80d797be | Triage

Sharing

General

Target

5ceb28316f29c3912332065eeaaebf59f10d79cd9388ef2a7802b9bb80d797be
Size

270KB
Sample

240410-nbc98agg4t
MD5

8331d179757bc08eca2916237fd66ef1
SHA1

057077d1f32a756492dfe18baff53ca6dd31a378
SHA256

5ceb28316f29c3912332065eeaaebf59f10d79cd9388ef2a7802b9bb80d797be
SHA512

fb48821ee4ab6687d952122d3f3659f4fa8c53dd67ac565ce72bd0228913b55c454d21e3e33a7e1390a48889a47e712cf889189400b6e8c38b9de74e858ee1f6
SSDEEP

6144:IpGL6nRr/qJy8CQnzX473venaGyRAU9uBXP:ILn9qJ5rnzoLvong6X

Score

10^/10

bazarloader dropper loader

Malware Config

Targets

- Target
  
  Attachments.lnk
- Size
  
  1KB
- MD5
  
  e87e52db1aa360baf8444c5524dd2b26
- SHA1
  
  b89d0c4568c74f03ec3e1917c22a83c37409b10a
- SHA256
  
  6497223d35530f2e510382aa1866b83ffaf215213b8080b7ecb299b6e7e3e6b1
- SHA512
  
  e93d7808c29ec45569382ee5bd2f50a41c0cf1c1d2cbb909d5aec2abf166f0ad87b672eaa4a1c00b28eb31faf55f1a254d8ab842bcb4d22dd750b26926e7c64a
Score

10^/10

bazarloader dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- Bazar/Team9 Loader payload
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  DumpStack.log
- Size
  
  216KB
- MD5
  
  85326ee9659fc5bf82c6d71b74f02684
- SHA1
  
  f2bd6c53e806861256285bb1c0d51312a10267a8
- SHA256
  
  ca3c7c4b570751c0dbf9063a23035967dfca4a2c7a8ce6bb2997439257ac6f10
- SHA512
  
  43b621dc4169a370241423c3775a1ac9ea83fb4df73111cb396b149f79a9d51122c5f3f8f1158482feefe62d45af741d04540e4578f84e613f0a5c668d41cf0b
- SSDEEP
  
  6144:mpGL6nRr/qJy8CQnzX473venaGyRAU9uBXP:mLn9qJ5rnzoLvong6X
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bazarloaderdropperloader

behavioral2

bazarloaderdropperloader

behavioral3

behavioral4