General
Target
zte(1).dll
Size
473KB
Sample
201109-8c39cpggjn
MD5
76119c4aa12ef9f24b32a78e802d8636
SHA1
b4d5ef5ae3a92ceb4b9a21dc13d7e84a998ab4e2
SHA256
6758e40ac447186fc8390e3814d81c4b90b3ec89b20c5db2b2c6ebda9d6df41e
SHA512
eb2fe95883f6de57545acb6403bc6387cfa2a8572e58cb4bacf4d889be14fd5505bd0a8e587e9b7b3bc4d12fdc8ea44b1fbf1dae57bbda9d2d384958c2e2e082
Static task
static1
Behavioral task
behavioral1
Sample
zte(1).dll
Resource
win7v20201028
Behavioral task
behavioral2
Sample
zte(1).dll
Resource
win10v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Target
zte(1).dll
Adds Run key to start application
Suspicious use of SetThreadContext