General
Target: qUDLf.dll
Size: 300KB
Sample: 210310-swgqfnncrx
MD5: 35377178edc832c00f9b8f04c961e1fd
SHA1: ca363d13d681ba404101b76acf8bc7ae518c149a
SHA256: 8c19669b6ea804b0f3d63a285e115a01084efffc9501c31b0b09d79cadba34e6
SHA512: 7bc01e2219fddddb480ba64521002e392eddd17f0f0a43249c5fd13205dde0f8a1e777e23bf266697b70cb077534d672ce81afdbb78a61996174d73fda6c562a
Static task: static1

Behavioral task: behavioral1
Sample: qUDLf.dll
Resource: win7v20201028

Behavioral task: behavioral2
Sample: qUDLf.dll
Resource: win10v20201028
Malware Config
Extracted
zloader
nut
09/03
Targets
-
-
Target
qUDLf.dll
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-