General
Target: gbs.dll
Size: 490KB
Sample: 201109-4r7rt42xd2
MD5: 7e6b567873d7922bb8e168e56fdc8f17
SHA1: e5204f9a8a106b8e1c931c32226d1904dd0b4fda
SHA256: f9604372c577e72a1560e02bede724a35e0f011406fe19f409083a59867850ac
SHA512: 635fa8c1e723b6fa0adb0043e9d0949990801e6f839ba740fa074db534a5c04cf484eeacf4dc4caa7df01232dcece7cf46e780332e91b2bf126f37f3c0cda3ed
Static task: static1
Behavioral task: behavioral1
Sample: gbs.dll
Resource: win7v20201028
Behavioral task: behavioral2
Sample: gbs.dll
Resource: win10v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
-
-
Target
gbs.dll
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-