General
-
Target
zxeed.dll
-
Size
586KB
-
Sample
210210-ja7bmkyt3j
-
MD5
c0a63eb0dc02d6bbab35b94555721ad3
-
SHA1
ab29a3706e4019bd21c7a487a2e4f2d292cc869b
-
SHA256
ccb110232bfb55812730ce5fa2b1f1a6e56fba5c2ed593ae9c5ce0087aaf97fc
-
SHA512
de279b0a60aacafec1d7743625e07fcadfaf892d403c562d727b89912c154aecf9e17da6d80ba847cd44d27c436514a27a5fbaec827fd0a138646a58974fb75c
Static task
static1
Behavioral task
behavioral1
Sample
zxeed.dll
Resource
win7v20201028
Malware Config
Extracted
zloader
kiv
09/02
https://earfetti.com/post.php
https://evalynews.com/post.php
https://sanciacinfofoothe.tk/post.php
https://enriwetmiti.tk/post.php
Targets
-
-
Target
zxeed.dll
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-