General
-
Target
e9777bb4_by_Libranalysis
-
Size
920KB
-
Sample
210506-8r8p5jngbe
-
MD5
e9777bb4745f38009a1d806392a437e5
-
SHA1
76ffc32ba98dd84e396af77ad4311d99b3a1bbb0
-
SHA256
eb8c5fa3da30f5d972e7d30767099990aadce5af9e046a2765b0c64222eab118
-
SHA512
794f80a25ae343075421e2d6a030d3a30ef0f2790649fad1c7fc80b31b4ce9d755dfe10634e0d28a684f39d2cffec0c8e7c17d18547df88335ef2d5c2de29f0f
Static task
static1
Behavioral task
behavioral1
Sample
e9777bb4_by_Libranalysis.exe
Resource
win7v20210408
Malware Config
Extracted
xloader
2.3
http://www.asconstructionin.com/m3rc/
Targets
-
-
Target
e9777bb4_by_Libranalysis
-
Xloader Payload
-
Deletes itself
-
Suspicious use of SetThreadContext
-