General
-
Target
DHL Delivery Documents.exe
-
Size
78KB
-
Sample
220131-ss4wqaabc3
-
MD5
94743aae8b0eb58bf9849035dc640b3c
-
SHA1
089f398df4eb9cf0511038cff177ecd3fbc9715c
-
SHA256
b34bc888551b9a603edf76a356a4c0fc290fac420d3c6df0decd0916970bfb9b
-
SHA512
23b72e99ec9ad81a97d3b4902c020c7f27b3b156ca81bc5c818f9ecd88b40f6cfb3b9b436511e952de31a9c7841cf80e9019c0ad2a54d075ba5f1bf7e9e562b0
Static task
static1
Behavioral task
behavioral1
Sample
DHL Delivery Documents.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
DHL Delivery Documents.exe
Resource
win10v2004-en-20220112
Malware Config
Extracted
xloader
2.5
zqzw
laurentmathieu.com
nohohonndana.com
hhmc.info
shophallows.com
blazebunk.com
goodbridge.xyz
flakycloud.com
bakermckenziegroups.com
formation-adistance.com
lovingearthbotanicals.com
tbrservice.plus
heritagehousehotels.com
drwbuildersco.com
lacsghb.com
wain3x.com
dadreview.club
continiutycp.com
cockgirls.com
48mpt.xyz
033skz.xyz
gmconstructionlnc.com
ms-mint.com
aenrione.xyz
honxuan.com
snowmanvila.com
cig-online.com
valetvolley.com
bjsnft.com
bennystrom.com
flw.ink
clarissagrandiart.com
samfamstudio.com
pamschams.com
edgar-regale.com
combi-tech.tech
00xwq.online
eclipseconstrucciones.com
plick-click.com
dive.education
regenelis.com
blue-chipwordtoscan-today.info
xn--rsso51aevf65u.com
maonagrana.com
lucasdebatintrader.com
cassijohnson.com
roeten.online
into-concrete.xyz
motovip.store
floryfab.com
slkykq.com
vidyakala.com
stairwaystowealth.com
meganandbobbyprine.com
arestradings.com
emilyschlueter.com
platanin.com
hnhstudios.com
dmembutidos.com
dcassorealtor.com
megamobil.wien
001skz.xyz
5t45urfgurkhgbvkhbuh.com
a3hd.com
newmexicotruckwrecklawyers.com
trabaho-academy.net
Targets
-
-
Target
DHL Delivery Documents.exe
-
Size
78KB
-
MD5
94743aae8b0eb58bf9849035dc640b3c
-
SHA1
089f398df4eb9cf0511038cff177ecd3fbc9715c
-
SHA256
b34bc888551b9a603edf76a356a4c0fc290fac420d3c6df0decd0916970bfb9b
-
SHA512
23b72e99ec9ad81a97d3b4902c020c7f27b3b156ca81bc5c818f9ecd88b40f6cfb3b9b436511e952de31a9c7841cf80e9019c0ad2a54d075ba5f1bf7e9e562b0
Score10/10-
Xloader Payload
-
Sets service image path in registry
-
Suspicious use of SetThreadContext
-