General
Target: 35466f0c22f220890b932e59f9a21032712e8260343d13ad4c0d9560db3b638f.zip
Size: 282KB
Sample: 210302-8n9hgwt6px
MD5: a375705cf648a898e779454c69636d47
SHA1: 19f3fb8814c9f39558a04fb554f5030a6f1c8e9f
SHA256: 317e3033c5a83dcba60304cbb8ffcd30c40c0bb710fff784bd9e7189fffff15d
SHA512: 863d22d20cc7b02241804e95705e54a9e9b4d3d09a5dabc67fdda13cc1c4000869b8b59b91f0cb6b1fca3c13659d7cd15985cf500f2798663b035c381809e1e1
Static task: static1
Behavioral task: behavioral1
Sample: 35466f0c22f220890b932e59f9a21032712e8260343d13ad4c0d9560db3b638f.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
nut
08/12
Targets
Target: 35466f0c22f220890b932e59f9a21032712e8260343d13ad4c0d9560db3b638f.dll
Size: 367KB
MD5: b8486dcef44c59a2652378724ef2a995
SHA1: 1a71166669aa8810474fcb6700851175c643bd30
SHA256: 35466f0c22f220890b932e59f9a21032712e8260343d13ad4c0d9560db3b638f
SHA512: 70da95fda92ff4e1f4157a747e50dc311cf1e3add4b4a3fd8da6c2c752b5fa7b6572f860d069630792804d0a45479e84dee86be0129994fa5ef3a83657fd003e
Blocklisted process makes network request
Suspicious use of SetThreadContext