General
Target: 778b9b70005df81ab976c71250ebe587f0eeb017c380e69405dc86692a3a4495.zip
Size: 80KB
Sample: 210302-y9kr87vgl6
MD5: 4a3aead1e9843a129623d9445833e6df
SHA1: a785c832443585dc28eed06e051634a43696bc73
SHA256: d45d3d2fa8833b85608b6afa7b29e82675fd50e9701b0418d1c359c61829bdb1
SHA512: 8323d41d28e3975da0f3a6757fb656225d7ecca03c0a4bb9d9aa22d64e708ed11560a9f3e5f89bc7ca03ebc0f70ff056ef3858b7595fe89651ef58202ac43b23
Behavioral task
behavioral1
Sample: 778b9b70005df81ab976c71250ebe587f0eeb017c380e69405dc86692a3a4495.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
kev
26/01
https://gadgetswolf.com/post.php
https://homesoapmolds.com/post.php
https://govemedico.tk/post.php
Targets
Target: 778b9b70005df81ab976c71250ebe587f0eeb017c380e69405dc86692a3a4495.dll
Size: 133KB
MD5: b2c855b1dd828feaff561c702ad1152c
SHA1: 0bc01ddc1f202ec9310bba17b616cba27b01ade6
SHA256: 778b9b70005df81ab976c71250ebe587f0eeb017c380e69405dc86692a3a4495
SHA512: 260e0738aeca6c24762d4f9131e1998a7479ff57f3bacf4a26633fa0ba257eb72d0376bbfcab8ae72fcb5dd39cab5e98ef7678fff3de3f8748de11b5362412e4
Blocklisted process makes network request
Suspicious use of SetThreadContext