General
Target: File.exe
Size: 275KB
Sample: 221114-evjrnshh2t
MD5: bdc781f3ff4937a9f53d0af613d00002
SHA1: 0e1a3279035daa3d0681fd24e2a7c1d446882054
SHA256: bbf8dbb3ca59a60f20438cabbb16449bdecbfa4c6347172a6e20c3639dd4e2fd
SHA512: c7311fc23ca7d6552dcf759aed5bd000df04ac78d672d6cab2ee7976301714a96773dda7c0b76e6abc26f4852318a02218e549cd1e392fbbd59bf56a5e28e145
SSDEEP: 3072:rGzL73C+EJJizQLen9S0ovEVJPqxHAcKaRfpbqZdD5Ffyllyg++nAFk5qAnH:yzLrC+Ed410Od2nfp2ZN5peXZnAzK
Static task: static1
Behavioral task: behavioral1
Sample: File.exe
Resource: win10-20220812-en
Malware Config
Extracted
privateloader
http://212.193.30.45/proxies.txt
http://85.202.169.116/server.txt
pastebin.com/raw/A7dSG1te
http://wfsdragon.ru/api/setStats.php
85.202.169.116
Targets
Target: File.exe
Score: 10/10
PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
Legitimate hosting services abused for malware hosting/C2