General
-
Target
6667618913e92d79dd9d72c702f6328413f84aac0266665ea82c3a46ec2edac6
-
Size
12KB
-
Sample
220219-j72kgahgg9
-
MD5
71817d05c12b24d044c269b88f1904b3
-
SHA1
bbbe0aa46ef4aba008a177bbb215e04f5df6b9a5
-
SHA256
6667618913e92d79dd9d72c702f6328413f84aac0266665ea82c3a46ec2edac6
-
SHA512
33c1841bf2e5750a00a18951579135b4dce1e5403fa53e0c8a673aee67c3379d609a1ed3f5dd763eb38fac52289e572a068679ad5e2ab2010c5471affd9129bc
Static task
static1
Behavioral task
behavioral1
Sample
6667618913e92d79dd9d72c702f6328413f84aac0266665ea82c3a46ec2edac6.rtf
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
6667618913e92d79dd9d72c702f6328413f84aac0266665ea82c3a46ec2edac6.rtf
Resource
win10v2004-en-20220112
Malware Config
Extracted
xloader
2.5
s9ne
Targets
-
-
Target
6667618913e92d79dd9d72c702f6328413f84aac0266665ea82c3a46ec2edac6
-
Xloader Payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-