General
Target: EQq5Mu9U.exe
Size: 440KB
Sample: 201202-6crv4myx46
MD5: 7784c1f0ad355b7c60213ce7a6904653
SHA1: 17743db7539bd4f95ae98b335c68a6bfc8f6c74e
SHA256: 47dd6855869ea0ad0cc43dddc110eb54f1b399dedfb337a8b88dead4914ec609
SHA512: 50547a2b94b04bad6b4f0b6cd9437e33c983a5beca6841b5b552de9e84c1a7d7d8c3e39c5a070632f67838deddd9a2a915e1ed29124b6678f7d4ca876f089368
Static task: static1
Behavioral task: behavioral1
Sample: EQq5Mu9U.exe.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
nut
02/12
Targets
-
-
Target
EQq5Mu9U.exe
-
Blacklisted process makes network request
-
Suspicious use of SetThreadContext
-