General
Target: SecuriteInfo.com.Win32.Kryptik.HDZG.963
Size: 473KB
Sample: 201109-5mjz8zx2bs
MD5: f55253f13e979f8a56ae0b2da4f4dc9d
SHA1: 50c4190dcad195f06d4cc8cd834bbda45765e1f3
SHA256: 8cef73774b9cbc3a63d6212cc1361b9b77c3dfc05d815730e2132535ebadaaa5
SHA512: 9ade05dd406a522b6976b7de68547b06930345831218f5102924ddfe75309562c65cc8cabe8ba43c8ec7cd521dd99411534d30036d9f25f59156b5e24c1e7430
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Win32.Kryptik.HDZG.963.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Target: SecuriteInfo.com.Win32.Kryptik.HDZG.963
Adds Run key to start application
Suspicious use of SetThreadContext