General
-
Target
yn.dll
-
Size
404KB
-
Sample
201109-1klh8898yj
-
MD5
a3d9b510e2e17f4ea08aa9f74b54e6b5
-
SHA1
78f875eabdca337c3526e52ba324902e7a148ce6
-
SHA256
a5e798492ba6892a57c79c635679563eceacb6d1efcc38f5dfc0232518861ca8
-
SHA512
271db785f09d03f33c1931d2482c12ec3a7239125f433caab8c2257c29d7fbd702d9daf1f82c7b5654025a22ee223d92c4140082528ace0412c1b656f0d919c4
Static task
static1
Behavioral task
behavioral1
Sample
yn.dll
Resource
win7v20201028
Malware Config
Extracted
zloader
miguel
03/06
https://ticlatchmisrato.tk/wp-parser.php
https://gahotimaskever.ga/wp-parser.php
http://cld.kazgau.com/wp-parser.php
https://cmso.med.cmu.ac.th/wp-parser.php
http://veamor.net/wp-parser.php
Targets
-
-
Target
yn.dll
-
Blacklisted process makes network request
-
Suspicious use of SetThreadContext
-