General
Target: dusmapi7bf.exe
Size: 201KB
Sample: 210109-x11fbv57ln
MD5: 235730a5bbd6d3c5cef4bf0c949b74e8
SHA1: e0edbe75a0fdbaff4c4467b5b2a37a281687b0b7
SHA256: 80b65c87c2af3d8e0fba7ae3901491fb0421a20ce8c33a94e578ba2a8e0fe9c4
SHA512: 3dc31d2c0eae9be0040cd8bb128c6f21c089f37ecbaf0ea613e4045dceb9886538b0301b1950e091b973807facb92d96586e470ed7a36c158f49082b6a48621d
Static task
static1
Behavioral task
behavioral1
Sample
dusmapi7bf.exe
Resource
win7v20201028
Malware Config
Extracted
zloader
SG
SG
https://notsweets.net/LKhwojehDgwegSDG/gateJKjdsh.php
https://olpons.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://karamelliar.org/LKhwojehDgwegSDG/gateJKjdsh.php
https://dogrunn.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://azoraz.net/LKhwojehDgwegSDG/gateJKjdsh.php
Targets
-
-
Target
dusmapi7bf.exe
Loads dropped DLL
-
Suspicious use of SetThreadContext
-