General
Target: FJGQ.dll
Size: 367KB
Sample: 201208-1xcnasaj32
MD5: 4e77416c8722b6a2bb4d2c557f18c163
SHA1: 9c40862d15470e8b71861a7bde057db42b6c5597
SHA256: 62e2111f572b8d095eae0415d4164f8055133e3da43e8b0c0b9cbd9ab3af967a
SHA512: e952cccfd1b7ebb946565f9a7486bddd857f0c9b38da9f665492f33053b342e376127d778a3b821c7f3d252222e6ef2ed20fbb69aac768715bf70bc66d3c7af9
Static task
static1
Malware Config
Extracted
zloader
nut
08/12
Targets
-
-
Target
FJGQ.dll
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-