General
Target: wwf.exe
Size: 2.3MB
Sample: 201109-q9f4m8gaae
MD5: c559546a1633a07dc280fb0f09f1bd46
SHA1: 461b0386f0fe686954a9fc3d2db092aeb075d64d
SHA256: 5b23cf5a82a32b3cbde35d498665f99c1ae92a1bed50e23e80a5f2dae923b0a6
SHA512: 94e8afc722ccc62df75d2d7d81fc1426378c32e42c59e1457a5d6879ac1d9e6d5e4ee2fe33281ddc2279323a9a93377595ac428d6e2aa7cb01ddad32a6d45b34
Static task: static1
Behavioral task: behavioral1
Sample: wwf.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: wwf.exe
Resource: win10v20201028
Malware Config
Extracted
zloader
bot7
bot7
https://militanttra.at/owg.php
Targets
Target: wwf.exe
Adds Run key to start application
Suspicious use of SetThreadContext