General
Target: Agree.dll
Size: 367KB
Sample: 201208-bd6v35tm6x
MD5: b8486dcef44c59a2652378724ef2a995
SHA1: 1a71166669aa8810474fcb6700851175c643bd30
SHA256: 35466f0c22f220890b932e59f9a21032712e8260343d13ad4c0d9560db3b638f
SHA512: 70da95fda92ff4e1f4157a747e50dc311cf1e3add4b4a3fd8da6c2c752b5fa7b6572f860d069630792804d0a45479e84dee86be0129994fa5ef3a83657fd003e
Static task: static1
Behavioral task: behavioral1
Sample: Agree.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
nut
08/12
Targets
-
-
Target
Agree.dll
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-