General

Target: cYg4dkuO.dll
Size: 688KB
Sample: 210324-clw1bf67ln
MD5: 1da1b1f1037bacd1fe8e017a5d52e727
SHA1: b9b6463219a19632299c5e0fb76715753b6ddd0e
SHA256: 3787d90c7fa9f7b2803b904476eff287d4f59d1fe550f248250e84ca8885065f
SHA512: 9ff5622658a9d5c1f679a4783d2f4a4b340838fc24fbcc5e1856d74ce7e9d5b90280b5cd1b96e7be40c87406d7e0c0d2c2e6a51b786b6c29d069b23f0287a5f4

Static task: static1

Behavioral task: behavioral1
Sample: cYg4dkuO.dll
Resource: win7v20201028

Behavioral task: behavioral2
Sample: cYg4dkuO.dll
Resource: win10v20201028

Malware Config
Extracted
zloader
nut
24/03
Targets
Target: cYg4dkuO.dll
Blocklisted process makes network request
Suspicious use of SetThreadContext