Bazar
MITRE
Malware Type:
Other
Other
First seen:
Unknown
Unknown
Last seen:
Unknown
Unknown
Details:
[Bazar](https://attack.mitre.org/software/S0534) is a downloader and backdoor that has been used since at least April 2020, with infections primarily against professional services, healthcare, manufacturing, IT, logistics and travel companies across the US and Europe. [Bazar](https://attack.mitre.org/software/S0534) reportedly has ties to [TrickBot](https://attack.mitre.org/software/S0266) campaigns and can be used to deploy additional malware, including ransomware, and to steal sensitive data.(Citation: Cybereason Bazar July 2020)
Associated Techniques (51)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1005 | Data from Local System | - |
| T1008 | Fallback Channels | - |
| T1012 | Query Registry | - |
| T1016 | System Network Configuration Discovery | - |
| T1018 | Remote System Discovery | - |
| T1027.002 | Software Packing | - |
| T1027.007 | Dynamic API Resolution | - |
| T1027.013 | Encrypted/Encoded File | - |
| T1033 | System Owner/User Discovery | - |
| T1036.004 | Masquerade Task or Service | - |
| T1036.005 | Match Legitimate Resource Name or Location | - |
| T1036.007 | Double File Extension | - |
| T1047 | Windows Management Instrumentation | - |
| T1053.005 | Scheduled Task | - |
| T1055 | Process Injection | - |
Aliases (315)
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
KEGTAP
Team9
Bazaloader
Used by Actors (2)
Metadata
| ID: | 439 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |