General
Target: 0SEND4.txt.bin
Size: 798KB
Sample: 210217-v6259943f6
MD5: 4746a10f3884b8c1855b865adab64038
SHA1: 3caa423388eb1314499d27574251365ec5c25e64
SHA256: d9e22bc57b8c36650950d471c47869814e215ed7b92f5a6095b38b411dbf6ce4
SHA512: 8b5b56860cf87c969fb9734aa14d8201a2a48a05ceba1416e9b72f49bf4ea988e2c958a8291b95baac2d1d524c96b9c8fa7e6192b2f9211692e62e75d39517b7
Static task: static1
Behavioral task: behavioral1
Sample: 0SEND4.txt.bin.dll
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 0SEND4.txt.bin.dll
Resource: win10v20201028
Malware Config
Extracted
zloader
kev
17/02
https://laddyfabs.com/post.php
https://lossvalue.com/post.php
https://despsysgiagrazarin.tk/post.php
https://vestvasori.tk/post.php
Targets
Target: 0SEND4.txt.bin
Blocklisted process makes network request
Suspicious use of SetThreadContext