Next Version of the Bazar Loader DGA
Tags
attack-pattern: Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Python - T1059.006
Show in Graph
Common Information
Type Value
UUID dac4c3e9-367c-413a-aeba-8b74a50047d5
Fingerprint d71836f15ad162fb
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 10, 2020, midnight
Added to db Aug. 31, 2024, 12:10 a.m.
Last updated Nov. 16, 2024, 11:18 a.m.
Headline Next Version of the Bazar Loader DGA
Title Next Version of the Bazar Loader DGA
Detected Hints/Tags/Attributes 23/1/12
Source URLs
Redirection Url
Details Source https://bin.re/blog/next-version-of-the-bazarloader-dga/
Details Source https://johannesbader.ch/blog/next-version-of-the-bazarloader-dga/
URL Provider
Details Provider Source level domain
Details bin.re bin.re
Details johannesbader.ch johannesbader.ch
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 19 Binary Reverse Engineering Blog https://bin.re/feed.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 1 
backdoor.win32.bazdor.co
Details Domain 46 
datetime.now
Details Domain 5 
args.date
Details File 2 
v1.exe
Details File 3 
p.idx
Details File 6 
args.dat
Details md5 1 
c6502d4dd27a434167686bfa4d183e89
Details md5 1 
e44cfd6ecc1ea0015c28a75964d19799
Details sha1 1 
bddbceefe4185693ef9015d0a535eb7e034b9ec3
Details sha1 1 
cb294c79b5d48840382a06c4021bc2772fdbcf63
Details sha256 1 
35683ac5bbcc63eb33d552878d02ff44582161d1ea1ff969b14ea326083ea780
Details sha256 1 
52e72513fe2a38707aa63fbc52dabd7c7d2c5809ed7e27f384315375426f57bf