General
Target: 66ec83aa3631d71cba16fd34d1c0b8669009418a92ba683b8a348cd130150b5b.zip
Size: 187KB
Sample: 210303-rlkv216616
MD5: 9d73f25ce917319c4a50a911df99287a
SHA1: 40d77bb249248780c0577d1db6bbfc14642db17f
SHA256: 8f259e85a4e160edebaaaccad8f92ee1e04b0f8abf888e5b761eee5e9bb073e7
SHA512: b316948f098d961ac49c04bf033ba879bdf6afc87115755384641154950612bf808ae967953f5058a3913d6fbc604181c072a64e9dfeb1c3310a935de8ee0910
Static task: static1
Behavioral task: behavioral1
Sample: 66ec83aa3631d71cba16fd34d1c0b8669009418a92ba683b8a348cd130150b5b.dll
Resource: win7v20201028
Malware Config
Extracted
zloader
kev
27/11
Targets
Target: 66ec83aa3631d71cba16fd34d1c0b8669009418a92ba683b8a348cd130150b5b.dll
Size: 262KB
MD5: 4a64b13ff53aebbab00504f6655ba846
SHA1: 7e75f220f6c9e6be9abd0def54f7d9957540598c
SHA256: 66ec83aa3631d71cba16fd34d1c0b8669009418a92ba683b8a348cd130150b5b
SHA512: 9ab869872466866f2bade4fe40cc50bfbd1a3475834d8be1719f2d6ec4b61b0e1848021c0a9444e20e2d0097d46c0e2cc25bf90e25802ad96dc02f84d394735e
- Blocklisted process makes network request
- Suspicious use of SetThreadContext