General
Target: permissible.dll
Size: 246KB
Sample: 200705-jsw1l6eblj
MD5: 061057161259e3df7d12dccb363e56f9
SHA1: 1292e9b2ee9d566fe5b475835cc39dafbbb658ba
SHA256: 00272dd639402fa76db43207d074fe52d4849e5d46008f786b944a789b09afc2
SHA512: b623b5f1142c560b9f9bc3689a2b53a3acacc93d443a1c2590433d6dc2975e2959243f1b5744720983fbbaa166f25b563b988025f7c4e3e6bf9ff6b720ba11c9
Static task: static1
Behavioral task: behavioral1
Sample: permissible.dll
Resource: win7
Behavioral task: behavioral2
Sample: permissible.dll
Resource: win10v200430
Malware Config
Extracted
zloader
main
2020-07-02
Targets
Target: permissible.dll
Score: 10/10
Adds Run key to start application
Suspicious use of SetThreadContext