General
Target: zte.dll
Size: 473KB
Sample: 201109-4bmfvmxrp6
MD5: 7e1595e753e84d97a8ac8920df770234
SHA1: 8846acda4ea6bebed747c309753ff072f4689fb1
SHA256: c28329c132b846b91caaa0c8fc5f8e5b6bf78275772ceee6bea7970bf3de8050
SHA512: 5e83610805197f8b5c34ff0dcbd3c83a658e759f170bd020e52f861ddf7a5ae60156343a3cda060726861e00260336f4ad87938964cbec57ea38ad43f435029b
Static task: static1
Behavioral task: behavioral1
Sample: zte.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Target: zte.dll
Adds Run key to start application
Suspicious use of SetThreadContext