General
Target: s.dll
Size: 1.0MB
Sample: 201109-th2h7wr3zj
MD5: ff1ad63517df53adaefcbeecf71311a1
SHA1: 69e3f9bbbf147d317da8bd59de3cdb3ca9043c6d
SHA256: 6593fa326b8eb0b737a17889c50c539ac45f2f9215fdab50ffa62df1be7ec2d1
SHA512: f6de532a3fdb91dcfacd11442f80876037f4d6d0a382ac891ef0b03e5131596b7d3554d04d55d0d4f71a8990b2298da7bd344804f422e7cb909a981f83e7bc52
Static task: static1
Behavioral task: behavioral1
Sample: s.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
miguel
14/05
Targets
Blacklisted process makes network request
Suspicious use of SetThreadContext