bazarloader | 9f7e4c52af1b8afcb06ca88cc726d1e4681b0f87683b04d175bb70be4363d345 | Triage

Submit
Reports

Overview

overview

Static

static

1

8e7b76532c...18.exe

windows7-x64

8e7b76532c...18.exe

windows10-2004-x64

1

Sharing

General

Target

8e7b76532c0bb541c727861f74a0b618_JaffaCakes118
Size

393KB
Sample

240812-m3htcascmd
MD5

8e7b76532c0bb541c727861f74a0b618
SHA1

ef0d327aa5969f8ad65ddb7f605d645e3270e64a
SHA256

9f7e4c52af1b8afcb06ca88cc726d1e4681b0f87683b04d175bb70be4363d345
SHA512

0ccc658a6eb0e4a29e558ffaf800ec8c381621af057134c6b26a944c0fcf1e974a140f45305dedfd1933a3a8466a03fefede278f69bc8762cd56c28f9c28ba6e
SSDEEP

6144:e9zgMUl3ABcePxx3K0mh5eu00S4KtDXaXYc+VKT8jHnAqYhf2k8Zl6:ozgTfePvK0mzeu00S4KBaWje2W

Score

10^/10

bazarloader dropper loader

Static task

static1

Behavioral task

behavioral1

Sample

8e7b76532c0bb541c727861f74a0b618_JaffaCakes118.exe

Resource

win7-20240705-en

bazarloader dropper loader

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

8e7b76532c0bb541c727861f74a0b618_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  8e7b76532c0bb541c727861f74a0b618_JaffaCakes118
- Size
  
  393KB
- MD5
  
  8e7b76532c0bb541c727861f74a0b618
- SHA1
  
  ef0d327aa5969f8ad65ddb7f605d645e3270e64a
- SHA256
  
  9f7e4c52af1b8afcb06ca88cc726d1e4681b0f87683b04d175bb70be4363d345
- SHA512
  
  0ccc658a6eb0e4a29e558ffaf800ec8c381621af057134c6b26a944c0fcf1e974a140f45305dedfd1933a3a8466a03fefede278f69bc8762cd56c28f9c28ba6e
- SSDEEP
  
  6144:e9zgMUl3ABcePxx3K0mh5eu00S4KtDXaXYc+VKT8jHnAqYhf2k8Zl6:ozgTfePvK0mzeu00S4KBaWje2W
Score

10^/10

bazarloader dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- Bazar/Team9 Loader payload
- Tries to connect to .bazar domain
  Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bazarloaderdropperloader

behavioral2

© 2018-2025

Terms | Privacy