General
Target: SecuriteInfo.com.Variant.Johnnie.253352.32494.27165
Size: 536KB
Sample: 201109-sn1f7nvvq2
MD5: 2088bda3a4d241d5b4d2769afd4f78e0
SHA1: 1db36876eff5b34fb0938b40dd1718dd4dfc36f0
SHA256: d397fdc436fc68456b7d3887a21965139ccc4704e145fad800ffffd14851f9a6
SHA512: 2938b3d2fccb8d949f3847d8890fe581ad892a69963426c7be6ebac470378dcea08be81e53c2ce4aac89786f8d855be9dd26e732230f6295feea45e8770dd096
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Variant.Johnnie.253352.32494.27165.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Adds Run key to start application
Suspicious use of SetThreadContext