General
Target: SecuriteInfo.com.Gen.NN.ZedlaF.34128.Dy8@ayCr2pgi.21485
Size: 473KB
Sample: 201109-w7j7jfjjy6
MD5: 586d417cc39babf4f4601e9a8c028f49
SHA1: e52cdde1d5c73be9a54be254b1153305e908e3ff
SHA256: 8987107698e6ef8ca9a6804206ea40fcaf9f3869d3e9569e9fbfab2621b69126
SHA512: c08c1c7efe424b90a5dbb66aafd0dae5030364026f01e09270f5f22c5c79d74d06dfc9ab7adf7753fe70a2ff23e91008b74b04dea1f70d43869a34ea42b8a276
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Gen.NN.ZedlaF.34128.Dy8@ayCr2pgi.21485.dll
Resource: win7v20201028
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Gen.NN.ZedlaF.34128.Dy8@ayCr2pgi.21485.dll
Resource: win10v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-