General
-
Target
SNO22 PriceLetter595406_RACX-159814.exe
-
Size
7KB
-
Sample
220128-radq5sdhcr
-
MD5
7088f42f3e34585a113c57d472e7f6e9
-
SHA1
a3bae33f21a6068eb3c76bc3e74c61df20d5596b
-
SHA256
472f77899f797ab92af8a3b5eacbf827ce8e287971f4dd3a9f23ae00d7b25475
-
SHA512
4a86a834ad2a6cc35ab62aa0af9cd8d9c87d9fa1daf1c8328cba856fc27569c8c7d89e64be714805fdc65af6022d5602c08237f5a1344fc6ff7e9d1c54fccb01
Static task
static1
Behavioral task
behavioral1
Sample
SNO22 PriceLetter595406_RACX-159814.exe
Resource
win7-en-20211208
Malware Config
Extracted
xloader
2.5
p8ce
wishmeluck1.xyz
nawabumi.com
terra.fish
eoraipsumami.quest
awakeningyourid.com
csyein.com
tslsinteligentes.com
cataractusa.com
capitalwheelstogo.com
staffremotely.com
trashbinwasher.com
blaneyparkrendezvous.com
yolrt.com
northendtaproom.com
showgeini.com
b95206.com
almcpersonaltraining.com
lovabledoodleshome.com
woodlandstationcondos.com
nikahlive.com
sassholesentiments.com
bupis44.info
salahiheartclinic.com
loveandpersonality.com
electric-cortex.com
beijixing-zs.com
proper-sa.com
legacyfamilypartners.com
psidsamor.com
schotinderoos.com
kosma-concept.com
onitled.com
zscyyds.xyz
mannatgroups.com
radweb-demo.com
lambanghieuquangcao.info
antabatik.com
lerongclub.com
mobssvipshop.com
dr-walther.com
ibexitconsultants.com
cnyprospects.com
j9mkt64.com
archer-claims.com
lggrandinn.com
jowhp.com
outdoormz.store
cantikgroup.company
2brothersprinting.com
ginamodernart.com
koupeespen.quest
senerants.tech
designthrottle.com
emquality.com
cerulesafe.com
orascomservice.com
skinsotight.com
premiumconciergemarbella.com
cottagepor.xyz
gwayav.com
johnguidesyou.com
corporativokale.com
jskswj.com
xinico.info
gebaeudetechnik-burscheid.com
Targets
-
-
Target
SNO22 PriceLetter595406_RACX-159814.exe
-
Size
7KB
-
MD5
7088f42f3e34585a113c57d472e7f6e9
-
SHA1
a3bae33f21a6068eb3c76bc3e74c61df20d5596b
-
SHA256
472f77899f797ab92af8a3b5eacbf827ce8e287971f4dd3a9f23ae00d7b25475
-
SHA512
4a86a834ad2a6cc35ab62aa0af9cd8d9c87d9fa1daf1c8328cba856fc27569c8c7d89e64be714805fdc65af6022d5602c08237f5a1344fc6ff7e9d1c54fccb01
-
Xloader Payload
-
Suspicious use of SetThreadContext
-