General
-
Target
023f1ef0cc2c1e055b05ae1ff5bcc6bf2421003dea227aeb6d70c8a525fa3b82
-
Size
2.6MB
-
Sample
220502-3rtpgaeghq
-
MD5
fb95561e8ed7289d015e945ad470e6db
-
SHA1
03573bc869701cffd7c96e223633d46b0a23823a
-
SHA256
023f1ef0cc2c1e055b05ae1ff5bcc6bf2421003dea227aeb6d70c8a525fa3b82
-
SHA512
2a0bf4048c1a9eca9e13566b1512403b51462c8eb71cfb273225fbc221aa156a3d3eb571fa5328ff2f4e2ef7026b3e8847f0c0a739d8f989ba716efa411821a6
Behavioral task
behavioral1
Sample
023f1ef0cc2c1e055b05ae1ff5bcc6bf2421003dea227aeb6d70c8a525fa3b82.exe
Resource
win7-20220414-en
Malware Config
Extracted
zloader
pref
fpref
http://penaz.info/gate.php
http://advokat-hodonin.info/gate.php
-
build_id
7
Targets
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-