General
-
Target
tsk.dll
-
Size
489KB
-
Sample
201109-a88rh4l75e
-
MD5
77779688d09b2ea44e7f1503dc9c929f
-
SHA1
3aaef84631f3ffc271f63a8b1baaa28eeafcbe9b
-
SHA256
766cc7d7c03d46d2f167e31bba8d61d6c572f29c97ace7cf4be6e07f083959f6
-
SHA512
f27955f65e626681a347e06e5864d67dad2f8f0a832122f62728bc8f0ed5178c9ad19bdb6cc76c7dfa7e49331b0832a6c4cbdfe07a26dd2dd985bcfab309428d
Static task
static1
Behavioral task
behavioral1
Sample
tsk.dll
Resource
win7v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
-
-
Target
tsk.dll
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-