General
-
Target
Nova lista narudzbi.zip
-
Size
366KB
-
Sample
220131-kc16wshea3
-
MD5
2b432ecbc21529d4cf57eb1cbf0ebde4
-
SHA1
0dccb01f04b8d832bb92fc60be1ec7a8f4f1c3f4
-
SHA256
ad720e8cfafe30dff584f7b80b5af332e8336f1b8c25ef736225f5ee5861c704
-
SHA512
aa523c9c732da682b9054444b05c5ad3f1554e6cadc50204fd838e61ebdf4a37a09bcbbd10c6c3015cf377ac46eb42ce913671421a88bfda4691fad70003ecb1
Static task
static1
Behavioral task
behavioral1
Sample
Nova lista narudzbi.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
Nova lista narudzbi.exe
Resource
win10-en-20211208
Malware Config
Extracted
xloader
2.5
pvxz
Targets
-
-
Target
Nova lista narudzbi.exe
-
Size
737KB
-
MD5
92e4965d42225c4cb6e0df8eea1624cd
-
SHA1
15fcbadd57392f45ec2f5295135a6f91e285bae6
-
SHA256
b7b9c46351f0f72162bb0139d4b1a7e66180fe1cc61e9742104a27fdba4e7fc6
-
SHA512
b94478d476129de0973eb1a5b040b7bd9f60a4540f81e45e8005e3edcd233d45afdf3c2c4aa0487cca3c3f2acdad428cce8adb781d8b8213bbc0fc9cb269e16d
Score
10/10
-
Xloader Payload
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-