bazaloader | 4cf15b8ba1dc2de2f0d3c835dc5a98ab406ad2bf4b62db8962bd72c627f5d2d7 | Triage

Sharing

General

Target

JaffaCakes118_4633553ac82bed9acd29429c03ff7b89
Size

1.0MB
Sample

250114-1ptkkssrel
MD5

4633553ac82bed9acd29429c03ff7b89
SHA1

37da199a8801a3eaa3fc18771a1d942f44121ca3
SHA256

4cf15b8ba1dc2de2f0d3c835dc5a98ab406ad2bf4b62db8962bd72c627f5d2d7
SHA512

712d07417e27c7545209dd0edb26435d1efc4e079bb15229719215752cfdb4c533532284c3225fdea1d7a1ca18824e3a84a0572375ab06381ff7cec0e1876259
SSDEEP

12288:XIVsu4aRK+026o1XW8NxcQuESBuSqDQjbyXJk5t71c0GymN84HHLlXkbAdIevkDP:X0gj26ohW8jKXe54V+N9ntS/eve+cHE

Score

10^/10

bazaloader discovery trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_4633553ac82bed9acd29429c03ff7b89
- Size
  
  1.0MB
- MD5
  
  4633553ac82bed9acd29429c03ff7b89
- SHA1
  
  37da199a8801a3eaa3fc18771a1d942f44121ca3
- SHA256
  
  4cf15b8ba1dc2de2f0d3c835dc5a98ab406ad2bf4b62db8962bd72c627f5d2d7
- SHA512
  
  712d07417e27c7545209dd0edb26435d1efc4e079bb15229719215752cfdb4c533532284c3225fdea1d7a1ca18824e3a84a0572375ab06381ff7cec0e1876259
- SSDEEP
  
  12288:XIVsu4aRK+026o1XW8NxcQuESBuSqDQjbyXJk5t71c0GymN84HHLlXkbAdIevkDP:X0gj26ohW8jKXe54V+N9ntS/eve+cHE
Score

10^/10

bazaloader trojan discovery
- Bazaloader family
  bazaloader
- Detects BazaLoader malware
  BazaLoader is a trojan that transmits logs to the Command and Control (C2) server, encoding them in BASE64 format through GET requests - JaffaCakes118.
  trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

trojanbazaloader

behavioral1

bazaloadertrojan

behavioral2