General
Target: logs.php.bin.zip
Size: 279KB
Sample: 210223-8sh1nq6gc2
MD5: cf828f60ffbe32d983700b9eb0880cbd
SHA1: 5e907f2d1df8f57cf0cc98732b80b63ab996b680
SHA256: 8fc7aa5068df8dd41823208577566f08ee12624a49cb1423fd4560b05c29ea8a
SHA512: 9d4ba4987f83981df69ce38bd082e62a6546ae960aa3a8a362406618f4264c10cdb7b745a59118cc12e5652dfe8d8f8ce8ef1cad8d0241190732720b258d745a
Static task
static1
Malware Config
Extracted
zloader
nut
22/02
Targets
Target: logs.php.bin
Size: 368KB
MD5: 4bf3af70dcbddb2176b0bf611a8f945c
SHA1: 59bbd8de9de9f891adb73b4c5711cfb7a3073fa5
SHA256: 22a0ceb74f566484220466e975d4fa835f4edf6279f9426f36498d8aa3337017
SHA512: ff2f75d15d5bfffb2a5cae30e231d2fc1c33adc9fc4b771e1eb5587d4761ebdc2afff3618f218ffa7c020b11f264217916acb2c6114a5752c53dda13af89134f
Blocklisted process makes network request
Suspicious use of SetThreadContext