General
-
Target
93F3.zip
-
Size
150KB
-
Sample
201102-est3qwjb7j
-
MD5
7a91d10b40b1d7eb79e0d342fdd5dba0
-
SHA1
ce8fab19df82f87a4ebeac87b634b950ca11edb1
-
SHA256
7803f5f9a69f66bfa725f54cc496cdca4a361e74af222c5aed77e25bd5e78b2c
-
SHA512
149967b252a977725d4944b14bae10df779302d60045a5479cc49defc55323ed45195cd84b6ed4fa1806f2307bb0f7c57e8591e1a9389dc44918fa122a00a63f
Static task
static1
Malware Config
Extracted
zloader
DLLobnova
2020
Targets
-
-
Target
93F3.dll
-
Size
214KB
-
MD5
870a53819f2db3549facbf849717aea7
-
SHA1
e8d3b89e7f943112dca04cb5c37a9d73b3c844c5
-
SHA256
8a237182974d55a414f91a6d657403fafc8b79685ff1a73562758b333aeea590
-
SHA512
fa1e9e1809b52896b454e73107c226ad975e56e72d2f952043706143d5b04766d908bd138599f5c06405af047bf6ac78615f9b2dc6034d61db9967e88a09e1a2
-
Blacklisted process makes network request
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-