General
Target: 34aa0bd4dc61cca23b7950282df26ce2e16a339b2895add65d46e6d317a11fe1.zip
Size: 218KB
Sample: 210303-9h6ml8bzyn
MD5: 17c3917da3baa88bf183984035014603
SHA1: 2ad57b70b04b04c0f7afde1893f9491f47c80d5c
SHA256: 7b2991d5d1494b1dce30f7a7bab92db0fb5c39ec498239b91ee0c928f9b19fdb
SHA512: 1d68909859a6885386744927b514c107ffb0d37e50401f226c4da483a2d7afcfe7e60117dbb89ded06b018a62dfa39c371b6f871327ea79173b7b041be50a442
Static task: static1
Behavioral task: behavioral1
Sample: 34aa0bd4dc61cca23b7950282df26ce2e16a339b2895add65d46e6d317a11fe1.dll
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 34aa0bd4dc61cca23b7950282df26ce2e16a339b2895add65d46e6d317a11fe1.dll
Resource: win10v20201028
Malware Config
Extracted
zloader
nut
27/11
Targets
Target: 34aa0bd4dc61cca23b7950282df26ce2e16a339b2895add65d46e6d317a11fe1.dll
Size: 320KB
MD5: ce8ac0e4da0c1d4406a4a17215db37cf
SHA1: f2df1a5863044e5d6b4ab7d2a2b1ebee9f96d228
SHA256: 34aa0bd4dc61cca23b7950282df26ce2e16a339b2895add65d46e6d317a11fe1
SHA512: fcfff47b9074b9013fc00acb9b4a9aee13f820e6369e78a354a3b8d545a8ebf1560f910d6a49edff53384c6e37d61a0b075eb44c6ab89267a0a532f58fbbe7f1
Blocklisted process makes network request
Suspicious use of SetThreadContext