General
Target: zte(1).dll
Size: 473KB
Sample: 201109-vfx6j1jgga
MD5: d3b52650de0ec3f5705f92e313717c1b
SHA1: bf54d6be7f59dbaa0add9e4a0615736d99ceeca3
SHA256: 66d4f17726f5853e6127da6c02b6760f5cabbcf2793673d0db6b93517a537a78
SHA512: 6db7afc67356e477e303667436dd0792639d2153e3a94253e91a8b07e38e490b6b8142c45815dfed59171f0ac1553781028348acbbb3027c65616dfba20600b5
Static task: static1
Behavioral task: behavioral1
Sample: zte(1).dll
Resource: win7v20201028
Behavioral task: behavioral2
Sample: zte(1).dll
Resource: win10v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Target: zte(1).dll
Adds Run key to start application
Suspicious use of SetThreadContext