General
Target
updateme.dll
Size
157KB
Sample
200828-ng2p7q4gbn
MD5
c182f4b04f4c0b361c0792f9e75621b2
SHA1
4026c3deb1203f6ee5afed71233b888e6f9b393a
SHA256
b866a18458d22f3c362eb9db308ccbbe80ad1a1ef04d9f1c8ba6d3c66ccd4971
SHA512
f97ef84dea027e4b9b68c10f1eb599545f8d742698c5a85352460993ec080a14a80b345328c3511e937d7e9797a447b0f47b03b7cb87094ee63788d159a9f2ac
Static task
static1
Behavioral task
behavioral1
Sample
updateme.dll
Resource
win7v200722
Behavioral task
behavioral2
Sample
updateme.dll
Resource
win10
Malware Config
Extracted
zloader
DLLobnova
dllsobaka
https://fsakfiasjmls000kjajs.online/gate.php
https://fsakf111iasjmlskjajs.online/gate.php
https://fsakfiasjml333skjajs.online/gate.php
https://fsakf11iasjml333skjajs.online/gate.php
Targets
Target
updateme.dll
Score
10/10
Blacklisted process makes network request
Adds Run key to start application
Suspicious use of SetThreadContext