General

  • Target

    AutodeskDWGTrueView2025enUSsetupwebinstall.exe

  • Size

    14.8MB

  • Sample

    240927-ad953svemm

  • MD5

    01ef4bfcc6f655de869e60df5f0d0c9f

  • SHA1

    c076fc0ea357e61b2c0fadbc03255a7b517c411f

  • SHA256

    4326f91c4f75c5cc94c27ddf9c3cbeebb91d0580cbbf6bba8abb98cd756b036c

  • SHA512

    e3a517beb65289ff3b11e19a977911dda238e4ab55cbc6aab4e5dedfbe0d75331877898034b00a60a5ae20ab3ac71579b008f34edd98ad0db9161ff338f6996f

  • SSDEEP

    393216:lYw8LB5/a1eo1Owns+aZyqYZl/ZRiUOS8:lY7B5y1e8TfiUOS8
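The four exact hashes above are the reliable way to confirm that a file on disk is this sample; the behavioural signatures further down are heuristics. The following script is an added example, not part of the sandbox report: it streams a file through MD5, SHA-1, SHA-256 and SHA-512 once and compares the digests with the values listed in this report (copied verbatim into `REPORT_HASHES`). The SSDEEP fuzzy hash is not recomputed because that needs a third-party module; only the exact hashes are checked.

```python
"""Verify a file on disk against the hashes listed in this report.

Added example (not part of the sandbox report itself). Usage:
    python verify_sample.py path/to/file.exe
"""
import hashlib
import sys
from pathlib import Path

# Exact hashes as listed in the report above.
REPORT_HASHES = {
    "md5": "01ef4bfcc6f655de869e60df5f0d0c9f",
    "sha1": "c076fc0ea357e61b2c0fadbc03255a7b517c411f",
    "sha256": "4326f91c4f75c5cc94c27ddf9c3cbeebb91d0580cbbf6bba8abb98cd756b036c",
    "sha512": "e3a517beb65289ff3b11e19a977911dda238e4ab55cbc6aab4e5dedfbe0d75331"
              "877898034b00a60a5ae20ab3ac71579b008f34edd98ad0db9161ff338f6996f",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")
CHUNK_SIZE = 1 << 20  # 1 MiB; the sample is 14.8 MB, so never read it whole


def _hash_stream(stream):
    """Feed every chunk of a binary stream to all four hashers in one pass."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in iter(lambda: stream.read(CHUNK_SIZE), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path):
    """Return {algorithm: hexdigest} for the file at `path`."""
    with open(path, "rb") as fh:
        return _hash_stream(fh)


def hash_bytes(data):
    """Same digests for an in-memory byte string (used for testing)."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def match_report(digests, expected=REPORT_HASHES):
    """Compare computed digests with the report.

    Returns (all_match, mismatches) where mismatches maps the algorithm
    name to (computed, expected). Comparison is case-insensitive because
    hash values are often pasted in mixed case. One mismatching algorithm
    is enough to rule the file out: all four are computed over the same
    bytes, so a genuine copy of the sample matches every one of them.
    """
    mismatches = {
        name: (digests[name], expected[name])
        for name in ALGORITHMS
        if digests[name].lower() != expected[name].lower()
    }
    return (not mismatches, mismatches)


if __name__ == "__main__":
    target = Path(sys.argv[1])
    ok, bad = match_report(hash_file(target))
    print("MATCH" if ok else "NO MATCH on: " + ", ".join(sorted(bad)))
```

The script exits with a plain MATCH / NO MATCH line so it can be dropped into a triage checklist; a file that matches on some algorithms but not others indicates a transcription error in the indicator list rather than a partial match, since exact hashes do not partially match.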

Malware Config

Targets

    • Target

      AutodeskDWGTrueView2025enUSsetupwebinstall.exe

    • Bazar Loader

      Detected loader normally used to deploy BazarBackdoor malware.

    • Bazar/Team9 Loader payload

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Network Share Discovery

      Attempts to gather information about the host's network shares.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks