General
Target
bbc.dll
Size
473KB
Sample
201109-nwzherrspa
MD5
4cedb4a7ace571ba6316916faee06cbf
SHA1
a4c5c4399d4f9f7ecee1f9d5873d40e2f675b0c1
SHA256
357daeadd3326ed203a6ac733b1ba77f26b2f005c0b7fa448545cdb47be28fc2
SHA512
b72a4a261b614ef930924ebb3138f25489586d9380a965d7cebb7d9f204fcaf513705a8a6744d87ce68957bf3ee122c74c484af7ac9372fab06da7cea31ede21
Static task
static1
Behavioral task
behavioral1
Sample
bbc.dll
Resource
win7v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Target
bbc.dll
Adds Run key to start application
Suspicious use of SetThreadContext