General
Target: H3ifYE5.dll
Size: 336KB
Sample: 210301-2z7mfkeysa
MD5: 2ab7d17b2b4a085364a15e473a1abf03
SHA1: c452a21329b8342f89b3fd4231202593bdc61cc9
SHA256: 67773bd7bf1720493b3dd438a8d2959412dd9a4381a646d3e7278e73e18e102d
SHA512: aa7c8934aa886fb7f812c5612892ec2c515c71ee4daab70de5cafcefdd5370e4f81b254d08603b23fbf096363ec7d6aaa8757bd9d537589eac5c8fc6f97e3c53
Static task: static1
Behavioral task: behavioral1
Sample: H3ifYE5.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
nut
01/03
Targets
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-