General
-
Target
B9DD.zip
-
Size
150KB
-
Sample
201102-15nrpzrhts
-
MD5
7db5c5879a9f4ad8daec627676455950
-
SHA1
41f8fd920641c315255b830b02e0eeb647b13908
-
SHA256
e0a348e8afde01128ecaf94ab1d6e3ff49b5700282c21b60d6dcb5cac9b4fb27
-
SHA512
dba4d501c7202ea460dfdd5ab703faceb2588c63eaf428154e41802f60aa91890516d13e17af05fd140e4c76a1572e86167ac055e13d9b961327025169007044
Static task
static1
Malware Config
Extracted
zloader
DLLobnova
2020
Targets
-
-
Target
B9DD.dll
-
Size
214KB
-
MD5
870a53819f2db3549facbf849717aea7
-
SHA1
e8d3b89e7f943112dca04cb5c37a9d73b3c844c5
-
SHA256
8a237182974d55a414f91a6d657403fafc8b79685ff1a73562758b333aeea590
-
SHA512
fa1e9e1809b52896b454e73107c226ad975e56e72d2f952043706143d5b04766d908bd138599f5c06405af047bf6ac78615f9b2dc6034d61db9967e88a09e1a2
-
Blacklisted process makes network request
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-