General
Target: 9081546b7e05805a5496bfcee49b3c736cb55b49e467529c7d7ac60781b29880.zip
Size: 171KB
Sample: 210302-yshegww65s
MD5: c115930dc29d8331a286b0e02a776224
SHA1: 72397b56a3e4f69be07bf8d06f424a0ea3b6b820
SHA256: 4a409198e2a70b2cff5a09663e15a37fe6f3e8cf4dd894143c4be4067ec7da8e
SHA512: 186b7a99074da24170cc800df914be4db85ca9efaa0f8ce5e87c096a9ca3bc72b55f4fff22cf19092f28fba2af108085efeaadc564d0368decd5a5f95f83455e
Static task: static1
Behavioral task: behavioral1
Sample: 9081546b7e05805a5496bfcee49b3c736cb55b49e467529c7d7ac60781b29880.exe
Resource: win7v20201028
Malware Config
Extracted
zloader
r2
r2
https://notsweets.net/LKhwojehDgwegSDG/gateJKjdsh.php
https://olpons.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://karamelliar.org/LKhwojehDgwegSDG/gateJKjdsh.php
https://dogrunn.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://azoraz.net/LKhwojehDgwegSDG/gateJKjdsh.php
Targets
Target: 9081546b7e05805a5496bfcee49b3c736cb55b49e467529c7d7ac60781b29880.exe
Size: 282KB
MD5: 3b0c5d532922be20ae151490e7109c60
SHA1: 4c3ba395594a5117d468084330902739ca08de0e
SHA256: 9081546b7e05805a5496bfcee49b3c736cb55b49e467529c7d7ac60781b29880
SHA512: 6a724591ee57cbc2ce9351ac556e666040f8ba6bcd37112b960a4fc0a16b493a7b94b0e70f9efe1a1d53597ec8a0a5ef08bbfc91ef4ace776f1df0f8c1555f4e

Suspicious use of NtCreateUserProcessOtherParentProcess
Blocklisted process makes network request
Suspicious use of SetThreadContext