General
Target: uOUcRwG.bin
Size: 536KB
Sample: 201109-mtzcldpq1e
MD5: 5f876d0f7e22485ed0d5b5e55d464a29
SHA1: 1a6f7f166ba0cd568c3fa8bc8984940807fc8c24
SHA256: 9e2fa4b7f6deb04ea27330c49288b59646737eea5c37d21acc2d4433054b9e4e
SHA512: e4356943be247753259ad9808e63bfa96b10b72c3d9f141769db3cb269f98b1a4a5b61038fd99f655bf1411ed2b06af5e5ee8a3a0d1574a3cfe57a6c4397ee76
Static task: static1
Behavioral task: behavioral1
Sample: uOUcRwG.bin.dll
Resource: win7v20201028
Behavioral task: behavioral2
Sample: uOUcRwG.bin.dll
Resource: win10v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Target: uOUcRwG.bin
Adds Run key to start application
Suspicious use of SetThreadContext