General
Target
earshot.dll
Size
858KB
Sample
201109-fxxhvcszh6
MD5
d1b4b311fd49c228ed5f66c72023fd8e
SHA1
bee08a27d939c6d914d2c3494e689332bfa75821
SHA256
30e772385fc3887fdd1ef1e358dc05cc83da655ecf53257800daf5d68ae430fd
SHA512
21135bebc49b511f28047db2afac3df74f2a64046494abf7572663392adb32bbac2e701590e75a2b4ef0dde0bdd5eb39ffc931758014772efb06f7c04c9b022e
Static task
static1
Behavioral task
behavioral1
Sample
earshot.dll
Resource
win7v20201028
Behavioral task
behavioral2
Sample
earshot.dll
Resource
win10v20201028
Malware Config
Extracted
zloader
main
26.04.2020
Targets
Target
earshot.dll
Score
10/10
Adds Run key to start application
Suspicious use of SetThreadContext