General
Target: dok.dll
Size: 489KB
Sample: 201109-bcpfn6lyze
MD5: 555b6f428755250c3f9e031829f7b1db
SHA1: e6c85e51373e67cc8f89465ebc564de80084a3a2
SHA256: ff1ff76de533d2a904dea68e2c7b27d9f346a2bddedd3ab12a9181f6dbba55b2
SHA512: bb1753d6473ebc9091d328ffc363dd6666741c31f784273223ed498a6f4ae471558b6ac4f9aec89da2356afa7cd49326ccbc4fcdf466fd6efbcdd82388810474
Static task: static1
Behavioral task: behavioral1
Sample: dok.dll
Resource: win7v20201028
Behavioral task: behavioral2
Sample: dok.dll
Resource: win10v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Adds Run key to start application
Suspicious use of SetThreadContext