General
Target: 311c78f93acf71a31e5c05bb20f0eef5.dll
Size: 666KB
Sample: 210415-asqecbxqae
MD5: 311c78f93acf71a31e5c05bb20f0eef5
SHA1: d9618042f78ad4fd5e7c9e20114badf4e0b1b7b7
SHA256: ca4a842f5c327aa4372549fc4bf1e6f86956cfddcf423fbaadeba69fd6738c05
SHA512: 781b64a2da50a94c660e577aad6dd0995ca1895c6b09f32c177d30383e721586ef7f0ae2c1aec8658b89b9b9ae4f1903e39b6bc5f11d554697c64974cec2bcb9
Static task: static1
Behavioral task: behavioral1
Sample: 311c78f93acf71a31e5c05bb20f0eef5.dll
Resource: win7v20210410
Malware Config
Extracted
zloader
nut
13/04
Targets
Target
311c78f93acf71a31e5c05bb20f0eef5.dll
Blocklisted process makes network request
Suspicious use of SetThreadContext