General
Target: SRMETALINDUSTRIES.zip
Size: 435KB
Sample: 210916-lnrl9scfg4
MD5: b153ab7c7835804fa85cfbc637ae1a2e
SHA1: 232144cbca489f97c5fb2d43f85e137ca78442f9
SHA256: 16c1cffb71d50fbe9105900699a6c4c9f3b5f55fac90daa8c3171f03035d3093
SHA512: ee8fd0b12f82f0d2b9a482e654addb6173253c63ac384748903778d7275e9d8ec6dae55132836a193385bc1eadb060e74b879e94826e0975be0f91ea2b0720a3

Static task: static1
Behavioral task: behavioral1
Sample: SRMETALINDUSTRIES.exe
Resource: win7-en
Malware Config
Extracted
xloader
2.4
n58i
http://www.nordicbatterybelt.net/n58i/
Targets
Target: SRMETALINDUSTRIES.exe
Size: 573KB
MD5: 51fb6f484b4bc554a7fddb7dc24c994e
SHA1: 6548d2e4c988457deb2a3435220f3252367462f3
SHA256: 4b9ec9143ae2471c8cf540f5e3815c4ca4bb5e073d5c45e6bd934cc0350e8546
SHA512: 703b898725b19590fb833a988a49af207cbb367b508ff58b7c662bd5d6646689276267320d1e915fa7bb8b3201fe43b7b25ec61cf3188c5f5b4ad83c74591aad

Xloader Payload
Deletes itself
Suspicious use of SetThreadContext