General
Target: aZelFYRMJfWsCZz.zip
Size: 147KB
Sample: 201031-5mxe2r4vmj
MD5: 16085e889fd658f89d32b83ef230025e
SHA1: 2ed5f6da612b09fcbe311146b068be1d1a441516
SHA256: 60ab3eae92458846410cdaec25029e4c9f62c61e3b1f2c0c41e636a426817a79
SHA512: eddb45dbfa1b382c9f885ced68800eab9a36454583ee096c506104ba2c63a7551e1eff36a65a1f9d1d427b9acb4043e6aa57536d13b848b3fed9aeb49a6a64d2
Static task: static1
Behavioral task: behavioral1
Sample: aZelFYRMJfWsCZz.dll
Resource: win7v20201028
Behavioral task: behavioral2
Sample: aZelFYRMJfWsCZz.dll
Resource: win10v20201028
Malware Config
Extracted
zloader
main
29.03.2020
Targets
Target: aZelFYRMJfWsCZz.dll
Size: 829KB
MD5: 24f98dee17042e0bd3f723f7bbfa839f
SHA1: 10123cbacb225b078c8e0a847da9e020bc0119e1
SHA256: 8542bf1c3c7532f11fc39b4b6a20a08ef5bd0c8d42e3262028d4ffdbc5aa88f8
SHA512: 0db0794e2547015695e40db1d419c944f1d955aa3f3ae3b673900f995b9a45126097f4a6a6029dbe7bfb87ed694bc024f720b05172332b1f41a8600a8bfd3b6f
Score: 10/10
Adds Run key to start application
Suspicious use of SetThreadContext