General
Target: E201.zip
Size: 218KB
Sample: 201029-2nc8yhkct2
MD5: 21a9280dcec3a899b53b44d1d6e04ae0
SHA1: 93d0de3389b2dccc2aa4327fedb61d7e404bd527
SHA256: 20cda7395d07517c9542c32212b8c353085c4e512d1760f22efb711f554d380c
SHA512: a8bc96caf66e2c72ddec2903c778a8422a71f587910320fb3839736cbf077592ca69c9df42edcb190fe0e04296e75f2701e283a93196b1eedc73d64e8cd4a99a
Static task: static1
Behavioral task: behavioral1
Sample: E201.dll
Resource: win7v20201028
Behavioral task: behavioral2
Sample: E201.dll
Resource: win10v20201028
Malware Config
Extracted
zloader
DLLobnova
dllnewheh
Targets
Target: E201.dll
Size: 357KB
MD5: 0ccdbb8625ce02f3b70023367ba727de
SHA1: fd2500f7031bab40142ea4500cc45368262962e9
SHA256: 8f9f67c5070eed97e99e16781b65bd05d0d73222bb25b17b65c769311f7850a2
SHA512: ed63c7525ba82d4ea1a16bcea277a7a5fef5da848a15a50d1db65078b0dba094d2525987c5d6e0310b02bc03fbad4c47f5c285e0d43e3ad10a6e79b412489bb6
Adds Run key to start application
Suspicious use of SetThreadContext