General
Target: Original Shipment Doc Ref 2853801324189923.rar
Size: 392KB
Sample: 211013-mxtcwsead6
MD5: ab76cc7ad71db508d46ccc0f3640ca09
SHA1: b6b1d8ea9a0f25be1a9bc37df022586147a01375
SHA256: dd045167dcef2337c3fa44feafc1d6df945e674c6b62a919297e50ae8066fab7
SHA512: d18b830f6e322997095b601fa82d323f4b5910e0572640126d2cfd5f566a3910b5b431f57e4c221acacfb9a32408ae454848235bfa539aadca8e17e6d4d386ab
Static task: static1
Behavioral task: behavioral1
Sample: Original Shipment Doc Ref 2853801324189923.exe
Resource: win7-en-20210920
Behavioral task: behavioral2
Sample: Original Shipment Doc Ref 2853801324189923.exe
Resource: win10-en-20210920
Malware Config
Extracted
xloader
2.5
epns
http://www.lnvietnam.online/epns/
Targets
Target: Original Shipment Doc Ref 2853801324189923.exe
Size: 1.0MB
MD5: 9f752a9587909dee2a9467d7fbed1b21
SHA1: cfdf4da7770a40a660efe35473f248a10f2dee96
SHA256: 42c76dbf2485d58e38ffccc5cdd20539e4bae8a00b90f4633f453065d20b04cd
SHA512: 83c6dbf4752398ca54dca1f9fc7d325ef87a0ee3580b4e9f8a33353983c5c23e70a41bb614d2beb71e74c01034492a72448c9f01fa39b03657d2546bb0b98a11
Score: 10/10
Xloader Payload
Adds Run key to start application
Suspicious use of SetThreadContext