General
-
Target
6320a11b8740b2a6ef0c13457ab8933c_JaffaCakes118
-
Size
501KB
-
Sample
240729-1x5ykssgnj
-
MD5
6320a11b8740b2a6ef0c13457ab8933c
-
SHA1
f9ecc55dd25ee71f44f5b401d2e3177a2b93acc5
-
SHA256
c6964b25bb2cb50f34145266c6143c96c530690274270058551e67ab5676e9b6
-
SHA512
9ab6ad2b45066daeccc37ccf46b94bff30b6cac71318dacdd8f7b4c6a2d81f24e23575851591a9d9ebf84e5c55cd90b7d3effc46c1dc8d0ac63a64d517e1e184
-
SSDEEP
6144:uL6vscN55Znu5qk7iVsMqYAqfyfzT4gXdAfnqUmDSaIukprGWSFQy56PE+tRh5ek:uL6EeV7fug3qpRW1bPEH9ajRrn
Malware Config
Targets
-
-
Target
6320a11b8740b2a6ef0c13457ab8933c_JaffaCakes118
-
Size
501KB
-
MD5
6320a11b8740b2a6ef0c13457ab8933c
-
SHA1
f9ecc55dd25ee71f44f5b401d2e3177a2b93acc5
-
SHA256
c6964b25bb2cb50f34145266c6143c96c530690274270058551e67ab5676e9b6
-
SHA512
9ab6ad2b45066daeccc37ccf46b94bff30b6cac71318dacdd8f7b4c6a2d81f24e23575851591a9d9ebf84e5c55cd90b7d3effc46c1dc8d0ac63a64d517e1e184
-
SSDEEP
6144:uL6vscN55Znu5qk7iVsMqYAqfyfzT4gXdAfnqUmDSaIukprGWSFQy56PE+tRh5ek:uL6EeV7fug3qpRW1bPEH9ajRrn
Score10/10-
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
-
Bazar/Team9 Loader payload
-
Tries to connect to .bazar domain
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-