General
-
Target
ec602e8263aec44b7cc4fbf930e5bc9affdc8232e9dd84a86e01198a349a827a.zip
-
Size
105KB
-
Sample
210304-xefjt5ydmj
-
MD5
08c8dc5d2fa92db3f434da90b1c47432
-
SHA1
4889f8685550fc7c576bc4d9f457f3fa82e4126f
-
SHA256
1ebd00fea702726c0362a8ca95eab89e1c1d8ecfa313ced4f328328dd51429f0
-
SHA512
897dfe60ddd7ba8ed7e2264c76ddae8fd17aff1832198f2510132cd84139800266c1b83b3ada69eef4b72a3f6415c08bff21f4bd57e8a4c52f4d02025eac3241
Behavioral task
behavioral1
Sample
ec602e8263aec44b7cc4fbf930e5bc9affdc8232e9dd84a86e01198a349a827a.dll
Resource
win7v20201028
Behavioral task
behavioral2
Sample
ec602e8263aec44b7cc4fbf930e5bc9affdc8232e9dd84a86e01198a349a827a.dll
Resource
win10v20201028
Malware Config
Extracted
zloader
10/03
https://dhteijwrb.host/milagrecf.php
https://aquolepp.pw/milagrecf.php
Targets
-
Target
ec602e8263aec44b7cc4fbf930e5bc9affdc8232e9dd84a86e01198a349a827a.dll
-
Size
170KB
-
MD5
0892f2d684b734d64517348a4df16964
-
SHA1
b2e6c4a27dec2c67197560c8f2b82d6e119406a3
-
SHA256
ec602e8263aec44b7cc4fbf930e5bc9affdc8232e9dd84a86e01198a349a827a
-
SHA512
2bcbc000057d62fc59e8b902b91a5b4456b816cd93464e3b0b288f092336f63e4086f88734fde792b850e524c600b7d361c42c04946e4bdb5f61406e172e707f
Score
10/10
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-