General
Target: spam20.zip
Size: 245KB
Sample: 201031-z3tgqqzt76
MD5: 68dba7849a17cedd2a01d83747361977
SHA1: 38ed165a12de392dce2ef71b1d03accb59add386
SHA256: 81ea4700e1743391fa6b56be2969c944c8451ec81215f7a0cbf88537e4108157
SHA512: 5bfed6c349a06f1d674a85a1d4343a7096ff97b400ad53347c44b7753c97a219f9207aedffcf7b7947fdbfddc7c2f63b6c48ce19fe91212684d06a91cfeaeff0
Static task: static1
Behavioral task: behavioral1
Sample: spam20.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
crypto1
crypto
Targets
Target: spam20.dll
Size: 358KB
MD5: 6501006a6d47bc73976db9f3385c3c46
SHA1: 53082a7fa62dc4fe54586df6a6e481fe8beca1aa
SHA256: c55e3938e9c2c9d00235d8ed87a55adc18fa1c6377a9ee0fd6212916c67d0020
SHA512: df63e60f12d153e16b78464162dbd5d052192a1e09814eb91e21d28256a652ae04eb7ccdaf4022c95c9779edfbe15df7a708717a1c247cfe2d16e8d9f911bf0c
Blacklisted process makes network request
Suspicious use of SetThreadContext