General
Target: tsk.dll
Size: 489KB
Sample: 201109-vv3m9saala
MD5: a09579dd34dbef1b234181c9d780c239
SHA1: 31e811931d2a5174e0f505f9e6a92e2c752f676c
SHA256: 7fdd024bec3841eaaf2ac0b352b66380ef74cf47f37c965982d36be948bcf75d
SHA512: 0208067a7a4e5433fa30739425ca51e08b9972f260d93876f8156f5a914dc6a536e0129edb70e04e60013e4655eeccd6c78c283d51a03febd478e95a4e1fe431
Static task: static1
Behavioral task: behavioral1
Sample: tsk.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Target: tsk.dll
Adds Run key to start application
Suspicious use of SetThreadContext