Overview

overview

10

Static

static

10

bazaar.202...ge.exe

windows7-x64

3

bazaar.202...ge.exe

windows11-21h2-x64

1

bazaar.202...te.exe

windows7-x64

10

bazaar.202...te.exe

windows11-21h2-x64

10

bazaar.202...te.exe

windows7-x64

10

bazaar.202...te.exe

windows11-21h2-x64

10

bazaar.202...te.exe

windows7-x64

10

bazaar.202...te.exe

windows11-21h2-x64

10

Resubmissions

15-09-2024 22:00

240915-1wpj7svapc 10

15-09-2024 21:56

240915-1tbwbsthne 10

20-08-2024 13:49

240820-q4v2vayfmp 10

Analysis

  • max time kernel
    55s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    15-09-2024 21:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bazaar.2020.02/HEUR-Backdoor.MSIL.Revenge.exe

  • Size

    16KB

  • MD5

    fc8f4e31d85e796c1efe9b0fabeed23a

  • SHA1

    e15233a69c32761d8ad0e293ce1ed2e1162d5647

  • SHA256

    c35e3bdf0d1a7275e73f3c8c9fb57cf874ffa19ffafae649025b1e90cd07c096

  • SHA512

    36e40d94711c82fb1669e3143d63833a3f7ad1b0ea8dae00287cbcdfd154135a3d7042702e4900193d0dcae94b0d03f7b6a9fb545e20c709fd4fb4a1cae95351

  • SSDEEP

    384:sxF6Mj9VnRq2Rj9oM+bYO+4kr9oDPlMNcLlb5sVKdyS5Ct:sxF6Mj9V5bDclMNE9o

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bazaar.2020.02\HEUR-Backdoor.MSIL.Revenge.exe
    "C:\Users\Admin\AppData\Local\Temp\bazaar.2020.02\HEUR-Backdoor.MSIL.Revenge.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1852

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1852-0-0x00007FF985405000-0x00007FF985406000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1852-1-0x000000001BB90000-0x000000001C05E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1852-2-0x000000001B590000-0x000000001B636000-memory.dmp

    Filesize

    664KB

    Download

  • memory/1852-3-0x00007FF985150000-0x00007FF985AF1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1852-4-0x000000001C0D0000-0x000000001C132000-memory.dmp

    Filesize

    392KB

    Download

  • memory/1852-5-0x00007FF985150000-0x00007FF985AF1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1852-6-0x00007FF985405000-0x00007FF985406000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1852-7-0x00007FF985150000-0x00007FF985AF1000-memory.dmp

    Filesize

    9.6MB

    Download