General
Target
zte(1).dll
Size
473KB
Sample
201109-pg6cpaqwna
MD5
13b3e008d5b8996c34a9247fbc412aa9
SHA1
6bcfb4f6385a4a78d39514763ed203ec7d4dc59f
SHA256
fa240d61efeb769d33cc081f2086ae6b65cda847a80440c82d97867fd1fbd6ab
SHA512
ee79fcdec5d4365a4a1d43cd60245917ac3a4128149d7c9666bccad7466e46d111d2c2901988643a835e2681011319909626d7f37dc12b3b6cbd20fa5b1efe30
Static task
static1
Behavioral task
behavioral1
Sample
zte(1).dll
Resource
win7v20201028
Behavioral task
behavioral2
Sample
zte(1).dll
Resource
win10v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Target
zte(1).dll
Adds Run key to start application
Suspicious use of SetThreadContext