General
Target: SecuriteInfo.com.Trojan.GenericKD.46640893.31769.927.exe
Size: 515KB
Sample: 221230-v3p7esga85
MD5: f3a9d5deb7dd858b061a15db5a7ad7bf
SHA1: b27a84343f94f48d61977cd1ac8a256be6147a7f
SHA256: 01185a62dae5e19c37748c6366026ff41bfc56b6d9fcd61c1cc9f4750ef82891
SHA512: 29907489804c372216765aa6f613b020f228aa48f7d7a2c25276e609b0869b0127b85b9d1fc12c52e05eff60798d61ae71ccc39b9c04b6a023454a43ab25cda8
SSDEEP: 12288:ibsv0ufRA9xjjt9ybg/Pp490LqbWKY3n4T6ivRO:ibSfRAJDhobJ8OLE
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Trojan.GenericKD.46640893.31769.927.exe
Resource: win7-20220812-en
Malware Config
Extracted
xloader
2.3
oyde
Targets
Target
SecuriteInfo.com.Trojan.GenericKD.46640893.31769.927.exe
-
Xloader payload
-
Suspicious use of SetThreadContext
-