General
Target: zte.dll
Size: 473KB
Sample: 201109-31fgec9e6e
MD5: 00cc931e3c4ce21eaed78d8ee7352c35
SHA1: ee66e9cb16520de48a1efe4e09368067d9ee1a78
SHA256: 98a58a4f1a0b1305c473eeafa6dac80c2e2edd7e8aa8fe6d32ccac81318de1e5
SHA512: 1ba56fe37631544d8c0238183bf04aed3ffad09999183fef18bb84493502cfc7a3c4109f03062e0ef5b31f00a923e9b8e01eac1e788e52d66b074c2f8f5a16cb
Static task: static1
Behavioral task: behavioral1
Sample: zte.dll
Resource: win7v20201028
Behavioral task: behavioral2
Sample: zte.dll
Resource: win10v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Target: zte.dll
Adds Run key to start application
Suspicious use of SetThreadContext