General
-
Target
SecuriteInfo.com.W32.AIDetectNet.01.4418.16533
-
Size
453KB
-
Sample
220613-gcvsbsabe7
-
MD5
38582ab77e044f76e4f802fd56a0273f
-
SHA1
cfc9d39c4a5e5d61d15a4eab30f2d32ec1545728
-
SHA256
dcfa4dfcc90ae3c90deb36709bdaed5a1d49a174139bf814cd758ed8b6859c1a
-
SHA512
8bb21e3d17771127b21a9cdf1e433f460cd1d9d14029c59e318b429ee8da390716c034cf5ecc1410c895ac5e8159a8be7fd9f51e95e8582a060be4f02e19da1a
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.W32.AIDetectNet.01.4418.exe
Resource
win7-20220414-en
Malware Config
Extracted
xloader
2.6
be3s
Targets
-
-
Target
SecuriteInfo.com.W32.AIDetectNet.01.4418.16533
-
Xloader Payload
-
Suspicious use of SetThreadContext
-