General
-
Target
b8e75cbb6e4c360fec71e12b85f3c5e4933e66a64928ff4d337ebe6a6cc9150f
-
Size
271KB
-
Sample
220201-lc1e2acfg9
-
MD5
33a68078df295fc4632015069da91aee
-
SHA1
c41acf7b1cd8dde61b5662a23600e480f7126c78
-
SHA256
b8e75cbb6e4c360fec71e12b85f3c5e4933e66a64928ff4d337ebe6a6cc9150f
-
SHA512
0e6dc45d23f7a8e99a9bc8a8b52b169b3b50438f5955bea35a74fbefe26e7317ce20ac27a317d5d9564b42f0e5237efea0eaf3166b61f9592e0e63e2cf288383
Static task
static1
Behavioral task
behavioral1
Sample
b8e75cbb6e4c360fec71e12b85f3c5e4933e66a64928ff4d337ebe6a6cc9150f.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
b8e75cbb6e4c360fec71e12b85f3c5e4933e66a64928ff4d337ebe6a6cc9150f.dll
Resource
win10v2004-en-20220112
Malware Config
Extracted
zloader
DLLobnova
ogneniyupdate
https://fdsjfjdsfjdsdsjajjs.com/gate.php
https://idisaudhasdhasdj.com/gate.php
https://dsjdjsjdsadhasdas.com/gate.php
https://dsdjfhdsufudhjas.com/gate.php
https://dsdjfhdsufudhjas.info/gate.php
https://fdsjfjdsfjdsdsjajjs.info/gate.php
https://idisaudhasdhasdj.info/gate.php
https://dsdjfhdsufudhjas.pro/gate.php
https://dsdjfhd9ddksaas.pro/gate.php
-
build_id
17
Targets
-
-
Target
b8e75cbb6e4c360fec71e12b85f3c5e4933e66a64928ff4d337ebe6a6cc9150f
-
Size
271KB
-
MD5
33a68078df295fc4632015069da91aee
-
SHA1
c41acf7b1cd8dde61b5662a23600e480f7126c78
-
SHA256
b8e75cbb6e4c360fec71e12b85f3c5e4933e66a64928ff4d337ebe6a6cc9150f
-
SHA512
0e6dc45d23f7a8e99a9bc8a8b52b169b3b50438f5955bea35a74fbefe26e7317ce20ac27a317d5d9564b42f0e5237efea0eaf3166b61f9592e0e63e2cf288383
-
Blocklisted process makes network request
-
Sets service image path in registry
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-