General

Target: fWpzyAgQmxvltIt.zip
Size: 205KB
Sample: 201030-vkpypkaq5a
MD5: b3f6122000cce3bb0f601ec86f646205
SHA1: 64725c410f713b2d1bfb7baef624948b8259257d
SHA256: 5d5eba72c6d49f9cd51721fb446208f4b53c926e35fbe3c51423982f0283cb52
SHA512: 219c297ec822d606771f62c9fee9e9e59c0cca50a0f6f01c171b53134b361c06af0b23bd0f34e10bbee0db6772d2c2b38d881756d48b1522297d496e683345c1

Static task: static1

Behavioral task: behavioral1
Sample: fWpzyAgQmxvltIt.dll
Resource: win7v20201028

Behavioral task: behavioral2
Sample: fWpzyAgQmxvltIt.dll
Resource: win10v20201028

Malware Config
Extracted
zloader
main
07.04.2020

Targets

Target: fWpzyAgQmxvltIt.dll
Size: 841KB
MD5: 67dbc292bf899109f44e52fa3b9d2a3e
SHA1: f327847059784ce84e92a10098eb979daf5f317b
SHA256: 7af7f0a46e466b448270f959f4e1a3af964d22b609100536703e299d7618bf2d
SHA512: 3c5b66e2523d72073be6714e57e34b2157248a7e1b2fa91f96828222f471c1dc1b0ebff3eabdb269cdde2bb8361dd9ec7bfa211f50a3267c6b11029598c76d35
Score: 10/10

Adds Run key to start application
Suspicious use of SetThreadContext