General
Target
SecuriteInfo.com.Trojan.GenericKDZ.67644.486.11817
Size
489KB
Sample
201109-ydwwbatpsn
MD5
60d45d6e7a7d38dc5e9d0a778144cfcf
SHA1
15a1f24bccaff31ba1ad3d370f43b6c30736b982
SHA256
cafda1824f1e8bb323004bb1bc12d6b34312c34df1ce967568c8fffeec7871b4
SHA512
a2b5fe48d33fbefa6d9e1104a629925be525fc76a827e367aeac8bfcdb60e91725e1da017e0883838cffd6af1458c7520ef781fb1febb9ff672ccac4cbb44c56
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.GenericKDZ.67644.486.11817.dll
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.GenericKDZ.67644.486.11817.dll
Resource
win10v20201028
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
Adds Run key to start application
Suspicious use of SetThreadContext