General
Target: SecuriteInfo.com.W32.AIDetectNet.01.10177.26773
Size: 816KB
Sample: 220809-mstg4aagd9
MD5: d7fcb51b3e93ea2e70a02de4b2c0011e
SHA1: c5df652175290e899cfe98ad8ee2b246c485b613
SHA256: 18168b3b4264b7b6a54ba58f1297579e93005bea584f95db6ab7631ab64e456c
SHA512: 41be8b04263a486aae525e3f16a60b4071f47ffe672ebe719d2a9f4be5ac61908db38de07448086912c3fc9b5f9140dbde7947e9c42f5a1e40b56aaa7b74e3e0
Tasks
Static task: static1
Behavioral task: behavioral1
  Sample: SecuriteInfo.com.W32.AIDetectNet.01.10177.exe
  Resource: win7-20220715-en
Behavioral task: behavioral2
  Sample: SecuriteInfo.com.W32.AIDetectNet.01.10177.exe
  Resource: win10v2004-20220721-en
Malware Config
Extracted
Family: xloader
Version: 2.6
Campaign ID: vweq
Domains (the Xloader/Formbook C2 list: one live C2 mixed in with decoy domains, many of which are legitimate sites, so a single DNS hit on this list is weak evidence by itself and should be corroborated with the host-side signatures listed under Targets):
liharyo.store
irts-byscioteq.com
364665.com
doorknob.xyz
flowerempire.online
wintec-beratung.com
samadidentalclinics.com
rachelallencounseling.com
luprs.online
dcyshopingit.website
dadagaga.group
modayunpocomas.com
yishanone.com
zaqqerr.com
mojavestack.com
investors-field.com
villanewinsxr.com
sdlanyutu.com
inno-link.tech
shuangyingmaoyi.com
pingguo555.com
sianghan.com
hebronooty.site
benchmarkwritersuniverse.com
xiaoxinec.com
waseemk.com
findbing.com
rainsforgrowth.com
synkratos.com
xn--jywtt.xn--55qx5d
lovingpetportraits.com
novusdesigners.com
studyomoon.online
optalote.com
zydujou.info
korbit.pro
lastmindset.net
medicalspill.com
vita-gp.com
curerxnj.com
acesoapp.com
dopefittedgroup.com
codesagepk.com
fashion8848.com
christobank.com
societeeapp.com
lookgreat.xyz
2ndmall.net
mymaptracker.com
postales.xyz
bonchancefashionweek.com
flizymine.com
lakeshoreriverfront.com
ilam.store
appcirrus.net
orasse.xyz
bitcoinist.info
rapiturs.com
templos.store
urbanblum.com
soruolusturmateknigi.com
kubybuildingco.com
marvelesol.com
mywrestlingheroes.com
ooblender.com
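The hashes and domains above are the indicators a responder would sweep for. The script below is an added example for this page (not part of the sandbox report, and not Xloader's own code) that turns them into a matcher: it normalizes host names (case, trailing dot, IDN labels converted to the xn-- form so the punycode entry in the list compares correctly), matches subdomains label-by-label so that a look-alike such as notdoorknob.xyz does not match doorknob.xyz, and checks hash values case-insensitively. The key=value log format and the sample log lines are constructed for the example, and only a subset of the domain list is embedded; paste the full list from the section above for real use.

```python
"""Match the IoCs from this Xloader report against log lines.

Added example for this page, not part of the sandbox report or of Xloader.
The hashes and domains are copied from the report; the key=value log format
and the log lines themselves are constructed for the example.
"""
import re

# File hashes from the General section of the report.
SAMPLE_HASHES = {
    "md5": "d7fcb51b3e93ea2e70a02de4b2c0011e",
    "sha1": "c5df652175290e899cfe98ad8ee2b246c485b613",
    "sha256": "18168b3b4264b7b6a54ba58f1297579e93005bea584f95db6ab7631ab64e456c",
}

# A subset of the extracted Xloader domain list (assumption: enough to show the
# matcher); paste the full list from the Malware Config section for real use.
# The IDN entry is kept in its xn-- (punycode) form, as in the config.
CONFIG_DOMAINS = [
    "liharyo.store", "irts-byscioteq.com", "364665.com", "doorknob.xyz",
    "flowerempire.online", "xn--jywtt.xn--55qx5d", "lovingpetportraits.com",
    "bitcoinist.info", "ooblender.com",
]


def normalize_host(name: str) -> str:
    """Lowercase, drop a trailing dot and convert Unicode labels to punycode,
    so a name logged in Unicode compares equal to the xn-- form in the config.
    ASCII labels pass through the idna codec unchanged."""
    name = name.strip().rstrip(".").lower()
    try:
        return name.encode("idna").decode("ascii")
    except UnicodeError:
        return name  # malformed label: fall back to the raw lowercase form


def host_matches(query: str, ioc_domain: str) -> bool:
    """True if query is the IoC domain itself or a subdomain of it. The check is
    label-aware, so 'notdoorknob.xyz' does not match 'doorknob.xyz'."""
    q, d = normalize_host(query), normalize_host(ioc_domain)
    return q == d or q.endswith("." + d)


# Tokens we care about in the (assumed) key=value log format.
TOKEN = re.compile(r"\b(?P<key>query|md5|sha1|sha256)=(?P<value>\S+)")


def scan_logs(lines, domains=CONFIG_DOMAINS, hashes=SAMPLE_HASHES):
    """Return (line_number, indicator_type, indicator) for every IoC hit."""
    by_value = {v.lower(): kind for kind, v in hashes.items()}
    hits = []
    for n, line in enumerate(lines, start=1):
        for m in TOKEN.finditer(line):
            key, value = m.group("key"), m.group("value")
            if key == "query":
                hit = next((d for d in domains if host_matches(value, d)), None)
                if hit:
                    hits.append((n, "domain", hit))
            elif value.lower() in by_value:
                hits.append((n, by_value[value.lower()], value.lower()))
    return hits


# Constructed log lines for the example (not from the sandbox run).
SAMPLE_LOGS = [
    "2022-08-09T11:02:13Z src=10.0.5.17 query=www.liharyo.store type=A",
    "2022-08-09T11:02:14Z src=10.0.5.17 query=example.com type=A",
    "2022-08-09T11:02:15Z src=10.0.5.17 query=notdoorknob.xyz type=A",
    "2022-08-09T11:03:01Z src=10.0.5.17 file=invoice.exe "
    "sha256=18168B3B4264B7B6A54BA58F1297579E93005BEA584F95DB6AB7631AB64E456C",
    "2022-08-09T11:03:02Z src=10.0.5.17 query=doorknob.xyz. type=A",
]

if __name__ == "__main__":
    for line_no, kind, indicator in scan_logs(SAMPLE_LOGS):
        print(f"line {line_no}: {kind} hit on {indicator}")
```

Hash hits identify the sample itself; domain hits only say that a host resolved one entry of a list that deliberately contains decoys, so treat them as leads to pivot from (which process made the query, did it also write the Policies\Explorer\Run key) rather than as a verdict.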
Targets
Target: SecuriteInfo.com.W32.AIDetectNet.01.10177.26773 (size and hashes as listed under General above)
Score: 10/10
Signatures:
Xloader payload
Adds policy Run key to start application (persistence through the Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run key, which Explorer honours at logon like the ordinary Run key; check it alongside the usual autostart locations)
Suspicious use of SetThreadContext (rewriting a thread's execution context, the usual last step of process hollowing or similar injection, consistent with Xloader running its payload inside another process)