General
-
Target
SEA LION LOGISTICS-URGENT QUOTATION.exe
-
Size
1.8MB
-
Sample
210111-m9msg391ln
-
MD5
cbde8f396859b03c0b93cd90f91f9871
-
SHA1
932cfac1b0fdd4883ce400e4520774931aa4add1
-
SHA256
6c595ae0af40886a5d0e907120894e72fadef005a527230b5c28a3e2767789f1
-
SHA512
22de018d21f6b38a864cb32537e476c00cf77320c230b09ab63796ad589c1a1d9a3bb2d48bc9d9c1a4563e007904925a20208a16db64ab13b11d1423e5819e48
Static task
static1
Behavioral task
behavioral1
Sample
SEA LION LOGISTICS-URGENT QUOTATION.exe
Resource
win7v20201028
Malware Config
Extracted
formbook
http://www.smithsreddogranch.com/oge8/
Targets
-
-
Target
SEA LION LOGISTICS-URGENT QUOTATION.exe
-
Xloader Payload
-
Deletes itself
-
Suspicious use of SetThreadContext
-