General
- Target: 360000.dll
- Size: 150KB
- Sample: 210322-rhgnlvjlds
- MD5: b2dc3a104d18f1a899d67fcd69fc0c5b
- SHA1: b5306f3e9d4a86d518cd4433a1eae65151775384
- SHA256: 965e8a6c0b646352406ea5deb665a38606670c9163e12af2684dba436ae9fff3
- SHA512: d6d2f900a6095a895894bc50074bc2dde40aafd304f1e3078958d721b373f525201e979162ce64e81dce256779162c1a853dfc6909af47b4304da5daa1cc042b
Malware Config
Extracted
zloader
nut
22/03
Targets
- Target: 360000.dll
- Blocklisted process makes network request
- Suspicious use of SetThreadContext