General
Target: d56060acb8115119810ae3aca151e94cbe5e2459dd405c8f010ced5a25c8548a.zip
Size: 442KB
Sample: 210302-ank9mm4e4j
MD5: 3590414d424c7b2406769cd32ef4bc66
SHA1: a8b0f7511aac2ae50cc186897c7c6cbf43fe7897
SHA256: 0b7ff3ca486901b7aaf844f60419567ee83edcaa0473e54e77b44a97125c496c
SHA512: 9994b56c9da36fc86f8f1693dde083d01c92c8f4911cab6db48617f062c116ad4c22160f571dbb8cb9f9ec40c22d9224e15c1ae91f29dca49dc258061a52eea2
Static task: static1
Behavioral task: behavioral1
Sample: d56060acb8115119810ae3aca151e94cbe5e2459dd405c8f010ced5a25c8548a.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
kiv
20/01
Targets
Target: d56060acb8115119810ae3aca151e94cbe5e2459dd405c8f010ced5a25c8548a.dll
Size: 634KB
MD5: d32908e4d32c94a8781f21ce2626dc13
SHA1: ac4ab65b40593943530368a2b953e5a493e5c31b
SHA256: d56060acb8115119810ae3aca151e94cbe5e2459dd405c8f010ced5a25c8548a
SHA512: 53f3f1cc132ea853cfea91b7e4759697aa06f9da8df0f2a8f67544c238cee35f7b68bd377558efe25a3dfce647446876ea175ccc05e61e9b212eafb1746f7f87
Blocklisted process makes network request
Suspicious use of SetThreadContext