General
-
Target
f1d43050a57365d41f2ec6ac3f73f1ddf9fa454c8b96aa5aa30749490b5a5fd4
-
Size
247KB
-
Sample
220201-krbvjscce4
-
MD5
be0da79c1c67a625af0b3dac757ee5f4
-
SHA1
51c326ee3b994e2e0c63e4f3788e85d5e5eb4573
-
SHA256
f1d43050a57365d41f2ec6ac3f73f1ddf9fa454c8b96aa5aa30749490b5a5fd4
-
SHA512
1bfae94345e1c6db71b855100e9cf2b76c15a28b0fb4a77d1e6d518a3312477632896e521df0fa5b71052965afe7de971a71621f169fc2568f337f1008d73cd9
Static task
static1
Behavioral task
behavioral1
Sample
f1d43050a57365d41f2ec6ac3f73f1ddf9fa454c8b96aa5aa30749490b5a5fd4.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
f1d43050a57365d41f2ec6ac3f73f1ddf9fa454c8b96aa5aa30749490b5a5fd4.dll
Resource
win10v2004-en-20220112
Malware Config
Extracted
zloader
main
2020-06-21
-
build_id
12
Targets
-
Target
f1d43050a57365d41f2ec6ac3f73f1ddf9fa454c8b96aa5aa30749490b5a5fd4
-
Score
10/10
-
Sets service image path in registry
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-