General
Target: 0ca3b4ee1aa867af5d11353897c29242.exe
Size: 2.3MB
Sample: 201109-76tp162886
MD5: 0ca3b4ee1aa867af5d11353897c29242
SHA1: 61208451065c6a91b06db9b3760e9582a4146ae0
SHA256: 06af9181e00d6d9fcdea30e8895603620d073c841871905ac76bc0cb2f99d096
SHA512: 59dd9414f5bc51edd8599ad663fcbb0e3779e5d59410e1d9bd0aec1ec233daf7be0c43744965125450ee9c0341c4c40f6cbeaa399f4dcba2fc12b830242f930d
Static task: static1
Behavioral task: behavioral1
Sample: 0ca3b4ee1aa867af5d11353897c29242.exe
Resource: win7v20201028
Malware Config
Extracted
zloader
bot7
bot7
https://militanttra.at/owg.php
Targets
-
-
Target
0ca3b4ee1aa867af5d11353897c29242.exe
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-