General
Target: m1n.zip
Size: 169KB
Sample: 201028-cwywblqhr6
MD5: 68a51db91f345145175284c8a63bd4de
SHA1: 6ab0b572e1c7bd24ba8103e876193755d50d16ee
SHA256: 1bb0dc63d8e5a2bac97d1850455310cf4ec4a3feeef6003a2d5fdfb14d0d04d9
SHA512: 48797f4d952981dcea74f420ed9103ca6b616eeed478355d0a191f2a25fae77d5548947611f3fd4ec463d2b5f431acc23f1516111427b317e49ee67778710e98
Static task: static1
Behavioral task: behavioral1
Sample: m1n.exe
Resource: win7
Malware Config
Extracted
zloader
r2
r2
https://notsweets.net/LKhwojehDgwegSDG/gateJKjdsh.php
https://olpons.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://karamelliar.org/LKhwojehDgwegSDG/gateJKjdsh.php
https://dogrunn.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://azoraz.net/LKhwojehDgwegSDG/gateJKjdsh.php
Targets
Target: m1n.exe
Size: 283KB
MD5: 399afac5870b698e7692fb7bb2a500eb
SHA1: 635e5b168da209d1db751d492be5505aca4b1b2f
SHA256: 145d0203cf0cdfec44c2a27af39fc89158db68b85b8c0b46f661389283a8284a
SHA512: 4c6db836b033edcaa14eab22e461d9e509d6b14f0381bdaaaf4df5e1e49771a0619bd175476e8d80a89b62bf66efc77da51acc5a215d596dd4003ab2cce76d81
Suspicious use of NtCreateUserProcessOtherParentProcess
Blacklisted process makes network request
Suspicious use of SetThreadContext