216.73.217.172

Bazar

The MITRE Corporation · Published 18/11/2020 20:07 · Modified 27/03/2026 01:05 Family

Essential information

Confidence
100/100
Is family
Yes
Published
18/11/2020 20:07
Modified
27/03/2026 01:05
Revoked
No
Author / Source
The MITRE Corporation
Related entities
52 attack patterns (mitre), 2 intrusion sets (apt), 1 campaign, 1 campaigns

Aliases

KEGTAP Team9 Bazaloader

Description

[Bazar](https://attack.mitre.org/software/S0534) is a downloader and backdoor that has been used since at least April 2020, with infections primarily against professional services, healthcare, manufacturing, IT, logistics and travel companies across the US and Europe. [Bazar](https://attack.mitre.org/software/S0534) reportedly has ties to [TrickBot](https://attack.mitre.org/software/S0266) campaigns and can be used to deploy additional malware, including ransomware, and to steal sensitive data.(Citation: Cybereason Bazar July 2020)

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references