General
-
Target
a4f301e24371f819fca733a5ff62341f0455ebc14afff6fc7d1dcee736dbe9e5.zloader.dll
-
Size
367KB
-
Sample
201208-3pgbmk8pr6
-
MD5
f444b7d8129efac76e4d0fd557b2f674
-
SHA1
879270064a5b4834b3828a5cd7ed08537bc04287
-
SHA256
a4f301e24371f819fca733a5ff62341f0455ebc14afff6fc7d1dcee736dbe9e5
-
SHA512
ec46e467f1b42daa02a12b3f5403869cc3298c626beceee5b9c073d576eaa056e442fff829dac79b417d79457f3e0a8668b5aa8d50d722dca18558dce46efe28
Static task
static1
Malware Config
Extracted
zloader
nut
08/12
https://nature4health.id/wp-punch.php
https://maschuquisaca.tk/wp-punch.php
https://serproimsas.com/wp-punch.php
https://agrospas.co.rs/wp-punch.php
https://fnxcrypto.com/server.php
https://lywakelireal.ga/wp-smarts.php
Targets
Target
a4f301e24371f819fca733a5ff62341f0455ebc14afff6fc7d1dcee736dbe9e5.zloader.dll
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext