General
Target: cb4743a2d52cd9aa3b4afd10e181789f7c3ca4fd6edf286405a8d4d8e729d4f0
Size: 144KB
Sample: 210223-3ksjjadacx
MD5: 3d9f9cc809961ac176c40f0280ebdcd1
SHA1: 658d3768336d8934f5d9f7d2c73a29278b168b99
SHA256: cb4743a2d52cd9aa3b4afd10e181789f7c3ca4fd6edf286405a8d4d8e729d4f0
SHA512: 96e642e924b054580b1c033e7de9e6395f846b31036f4e45485e6b0e3741d6ff1b51b7f75ee0a365b3792d81c21bc55e6c60aabfbdb9f8f06ba53436068fac22
Behavioral task: behavioral1
Sample: cb4743a2d52cd9aa3b4afd10e181789f7c3ca4fd6edf286405a8d4d8e729d4f0.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
nut
18/02
Targets
Target: cb4743a2d52cd9aa3b4afd10e181789f7c3ca4fd6edf286405a8d4d8e729d4f0
Blocklisted process makes network request
Suspicious use of SetThreadContext