General
Target: t.dll
Size: 931KB
Sample: 201109-432c3hqcsa
MD5: d97340776c76a6a02c7195bdc0a856b7
SHA1: 330545c5092c3a991bf1612abc228117f8a64b8f
SHA256: 1267b822cde1edabfc063458232a5ed9ea03652416de96b8d12ecb1058c86e23
SHA512: 1283f2bc82b5875c27641c5a5a216313442cb861608f7e0edb1978a12bf0b63fe68ce9e8303f8038b13a00b0422c128730eb7d034793d6b8518d63bb6ef0598e
Static task: static1
Behavioral task: behavioral1
Sample: t.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
miguel
26/05
https://cripuntisispoi.tk/wp-parser.php
https://unesrafho.cf/wp-parser.php
http://sannyjewelry.ir/wp-parser.php
http://printgenerator.sundaytimes.lk/wp-parser.php
Targets
Target: t.dll
Blacklisted process makes network request
Suspicious use of SetThreadContext