bazarloader | 6e04778b2a2cc3bd6fc6a9f551f5b4d6db673870334ebf9fd62e5d6acd9c8c0d | Triage

Submit
Reports

Overview

overview

Static

static

1

2cde0389d7...18.exe

windows7-x64

2cde0389d7...18.exe

windows10-2004-x64

1

Sharing

General

Target

2cde0389d78f2e3ca8d2202d605f18ec_JaffaCakes118
Size

323KB
Sample

240729-ae3gmaxbja
MD5

2cde0389d78f2e3ca8d2202d605f18ec
SHA1

565111741da7b1a9cfebb3032ab4cd8c05388ee3
SHA256

6e04778b2a2cc3bd6fc6a9f551f5b4d6db673870334ebf9fd62e5d6acd9c8c0d
SHA512

df48fde6b0d0a9e9be4c7c809ea2f4d993c6b9d0349d8d4515838f930e305100476a70502caa0338bb2b2bbce6cf2c21dbde8dc44c3655ae6f1afdd4ac6ba463
SSDEEP

6144:cI2KOympXst+asjCpeIFieYhUnUJSbH7rU/uWje6H9vA:cqOl9sGjY7uFmrzg9vA

Score

10^/10

bazarloader dropper loader

Static task

static1

Behavioral task

behavioral1

Sample

2cde0389d78f2e3ca8d2202d605f18ec_JaffaCakes118.exe

Resource

win7-20240705-en

bazarloader dropper loader

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

2cde0389d78f2e3ca8d2202d605f18ec_JaffaCakes118.exe

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  2cde0389d78f2e3ca8d2202d605f18ec_JaffaCakes118
- Size
  
  323KB
- MD5
  
  2cde0389d78f2e3ca8d2202d605f18ec
- SHA1
  
  565111741da7b1a9cfebb3032ab4cd8c05388ee3
- SHA256
  
  6e04778b2a2cc3bd6fc6a9f551f5b4d6db673870334ebf9fd62e5d6acd9c8c0d
- SHA512
  
  df48fde6b0d0a9e9be4c7c809ea2f4d993c6b9d0349d8d4515838f930e305100476a70502caa0338bb2b2bbce6cf2c21dbde8dc44c3655ae6f1afdd4ac6ba463
- SSDEEP
  
  6144:cI2KOympXst+asjCpeIFieYhUnUJSbH7rU/uWje6H9vA:cqOl9sGjY7uFmrzg9vA
Score

10^/10

bazarloader dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- Bazar/Team9 Loader payload
- Tries to connect to .bazar domain
  Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bazarloaderdropperloader

behavioral2

© 2018-2025

Terms | Privacy