General
Target: B3.dll
Size: 567KB
Sample: 200907-ht3nchnw3s
MD5: 06758591f9fede42c56ee311988acc4a
SHA1: d1ed2bd42658512faaacbe8d8230d3b542991654
SHA256: 6679da77917ddc1ab75c7f05dee0701d172ff0bfc6a7cd92d4c73a66c877a7d8
SHA512: 965c4ee025b0a146f4d7f332dc0768fb509389b9317581d97b6b94d003d60cfa9b3afe0dd973962eb5365b325f8a5e4b36482ba90b9dacfe4dfb1a864c05bb85
Static task: static1
Behavioral task: behavioral1
Sample: B3.dll
Resource: win7
Behavioral task: behavioral2
Sample: B3.dll
Resource: win10v200722
Malware Config
Extracted
zloader
bat1k3
bat1k3
http://as9897234135.xyz/LKhwojehDgwegSDG/gateJKjdsh.php
http://as9897234135.org/LKhwojehDgwegSDG/gateJKjdsh.php
http://as9897234135.net/LKhwojehDgwegSDG/gateJKjdsh.php
http://as9897234135.in/LKhwojehDgwegSDG/gateJKjdsh.php
http://as9897234135.com/LKhwojehDgwegSDG/gateJKjdsh.php
Targets
Target: B3.dll
Suspicious use of NtCreateUserProcessOtherParentProcess
ServiceHost packer: Detects ServiceHost packer used for .NET malware
Suspicious use of SetThreadContext