Overview

overview

10

Static

static

1

0e79c3b586...41.exe

windows7-x64

10

0e79c3b586...41.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20250207-en
  • resource tags

    arch:x64arch:x86image:win7-20250207-enlocale:en-usos:windows7-x64system
  • submitted
    24/03/2025, 02:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0e79c3b586b4e661d5ca22341fe6cfeba69d8c0b6f1c77f54dca0237f2285b41.exe

  • Size

    392KB

  • MD5

    04a20c9f33023439b612935b6901917f

  • SHA1

    b238d87263591926fbc0f757b00bd094a1253d71

  • SHA256

    0e79c3b586b4e661d5ca22341fe6cfeba69d8c0b6f1c77f54dca0237f2285b41

  • SHA512

    2b3809a56454172ea26bf48f6c428b66000eadea240a64399ec6afd63d89e07a648f44f706bddbb328b3b0ff64b837c90901a874bd7f2b2771c53164c738c606

  • SSDEEP

    6144:R7RVMLXg8mr4usYN+Uzj5c3pFprR/6/occXjRG9Q2ch657JHabDA:1RVPr4qj5c3pF5R/hXXjYDc0J6bDA

Score
10/10
bazarloaderdropperloader

Malware Config

Signatures

  • Bazar Loader

    Detected loader normally used to deploy BazarBackdoor malware.

    loaderdropperbazarloader
  • Bazarloader family
    bazarloader
  • Bazar/Team9 Loader payload 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0e79c3b586b4e661d5ca22341fe6cfeba69d8c0b6f1c77f54dca0237f2285b41.exe
    "C:\Users\Admin\AppData\Local\Temp\0e79c3b586b4e661d5ca22341fe6cfeba69d8c0b6f1c77f54dca0237f2285b41.exe"
    1⤵
      PID:2872

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2872-0-0x0000000001BC0000-0x0000000001BFC000-memory.dmp

      Filesize

      240KB

      Download

    • memory/2872-4-0x0000000180000000-0x000000018003F000-memory.dmp

      Filesize

      252KB

      Download

    • memory/2872-5-0x0000000000250000-0x0000000000289000-memory.dmp

      Filesize

      228KB

      Download