General
-
Target
SecuriteInfo.com.Gen.NN.ZedlaF.34128.Dy8@ayCr2pgi.23695
-
Size
473KB
-
Sample
201109-jrw5cp51na
-
MD5
3c8d0fa42b32a675dfa86ce499e61ac9
-
SHA1
116eb8b93fa58eea37d01d54373c65ffa62345a6
-
SHA256
f597ea8c2c3e972b738ead83e50952850c3040921d58c45727e89364c27a1a67
-
SHA512
83bcb316667612244e970fc42537f5e51d2403425e214b30d58338c1ad1f00b335a77e99c7d9d3a399fc142b70860c6814fab8720229e8b34fe12df0d8c06c2a
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Gen.NN.ZedlaF.34128.Dy8@ayCr2pgi.23695.dll
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Gen.NN.ZedlaF.34128.Dy8@ayCr2pgi.23695.dll
Resource
win10v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Adds Run key to start application
-
Suspicious use of SetThreadContext
-