General
-
Target
b80b8ce41c6c6b67a0683a7c400a24c2270981bdec1b85f4111a0f5a5af3467a
-
Size
314KB
-
Sample
230129-vgbf5sfg5s
-
MD5
7b74e2dc26c5931e3a3103ed71d6bb06
-
SHA1
8201e9871601e4eefe5fa004a4dc670f7a57b9b6
-
SHA256
b80b8ce41c6c6b67a0683a7c400a24c2270981bdec1b85f4111a0f5a5af3467a
-
SHA512
ab93509d1bd7fcd7fce7eeace9d7e82f7747d3bcd1fe6b70c207aa5fa9dd2c80124167ce1465d35382dd5a842b3e734f6a550d608ab077e1e297e5befccfcc14
-
SSDEEP
6144:pqjIlffgjQfRH8zoM6Zp8ucm9FP1Uv/NmgrUU3ub6E69MDt:AKgMfR7v8zmj1WFmBBeeR
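Before acting on this report, confirm that the file in hand is the same sample: every digest above must match, and a single mismatch means a different file (for example a re-packed build of the same family). The script below is an added example, not part of the report or of the sandbox's tooling; it only depends on the Python standard library, and the digests are copied from the lines above.

```python
"""Verify a local file against the digests listed in this report (added example)."""
import hashlib
import sys

# Values copied from the report above.
REPORT_HASHES = {
    "md5": "7b74e2dc26c5931e3a3103ed71d6bb06",
    "sha1": "8201e9871601e4eefe5fa004a4dc670f7a57b9b6",
    "sha256": "b80b8ce41c6c6b67a0683a7c400a24c2270981bdec1b85f4111a0f5a5af3467a",
    "sha512": "ab93509d1bd7fcd7fce7eeace9d7e82f7747d3bcd1fe6b70c207aa5fa9dd2c80"
              "124167ce1465d35382dd5a842b3e734f6a550d608ab077e1e297e5befccfcc14",
}


def digest_bytes(data: bytes) -> dict:
    """Compute every digest in REPORT_HASHES for an in-memory blob."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hash objects in a single read pass."""
    hashers = {alg: hashlib.new(alg) for alg in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def compare(observed: dict, expected: dict = REPORT_HASHES) -> dict:
    """Return {algorithm: matched?} for each expected digest.
    Case is normalised so hashes pasted from other tools compare correctly."""
    return {alg: observed.get(alg, "").lower() == exp.lower()
            for alg, exp in expected.items()}


def matches_report(observed: dict) -> bool:
    """True only when every listed digest matches the report."""
    return all(compare(observed).values())


if __name__ == "__main__":
    for path in sys.argv[1:]:
        result = compare(digest_file(path))
        print(path, "MATCH" if all(result.values()) else "MISMATCH", result)
```

Run it as `python verify.py sample.exe`; a partial match (say MD5 agrees but SHA-256 does not) is impossible for the same bytes and indicates a transcription error in one of the hashes rather than a related sample.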
Static task
static1
Behavioral task
behavioral1
Sample
b80b8ce41c6c6b67a0683a7c400a24c2270981bdec1b85f4111a0f5a5af3467a.exe
Resource
win7-20220812-en
Malware Config
Extracted
Family
xloader
Version
2.3
Campaign
a0ce
Decoy domains
mccordsvillefinehomes.com
alibaba-provader.space
clearpatron.com
chajmf.com
advaitatestdominio.com
nataliacuminale.com
homeremodelingokc.com
telecomcruz.com
thusspokelibraealus.com
xtr3cafe.com
kjfamilypropertyllc.com
sofakingwet.com
360ttzw.com
foodel-uk.com
bonedibangaliyana.com
atozcontractingmdmd.com
outreachrespectfully.com
betterworldtees.com
bookreservationz.net
fallguysmobel.com
flavorsdealivery.com
ailunsai.com
yabojianzhu.com
collisionrepairsvictoriabc.com
foodcondor.icu
blackfencefarms.com
sarahhoellein.com
bowaxuy.online
oticamundao.online
sporttv.pro
hummingbirdflower.com
zxmrwz.com
thinkingonmyown.com
zhhmzxmr.com
berriespops.com
acleanoutlook.com
lindasullivanjewelry.com
puntosistemi.online
lavendrum.com
daiyer.com
intelli-grid.com
brachialgirl.com
ibusinesshero.com
pandemidestekbildirgesi-tr.com
carrotrade.com
2d3dkoko.com
learn-interviewskills.com
brazilianhairtoorder.com
jeaniescreation.com
scriptures66.com
drrobertbruno.com
cntrly.com
ottawaathome.club
zcun-gewzi.xyz
xctymg.com
vpzgueps.icu
lkzone2020.com
bmcdom.com
bostonm.info
benjamesmentoring.com
precisiongoodsllc.com
transitionicon.net
elementi.design
teawithscott.com
pwzcl.com
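The domains above are XLoader's decoy list, not a list of attacker infrastructure: on each beacon the bot contacts a handful of these mostly legitimate sites alongside the real C2, which is not exposed in the static config. They are therefore useful for spotting infected hosts in DNS or proxy logs, but blocking or attributing every entry would hit innocent third parties. The script below is an added example, not part of the report: it takes log lines in a constructed `<timestamp> <source> <host> [<path>]` format (swap in a parser for your own logs), counts distinct decoy hits per source, and, as an assumption to be confirmed against your own captures, treats a request whose URI path is the campaign ID `/a0ce/` as a strong indicator, since Formbook/XLoader beacons commonly use the campaign ID as the path.

```python
"""Match DNS/proxy log lines against the extracted XLoader decoy list (added example)."""
import re
from collections import defaultdict

# The decoy list from the extracted config above (65 domains).
DECOY_DOMAINS = frozenset("""
mccordsvillefinehomes.com alibaba-provader.space clearpatron.com chajmf.com
advaitatestdominio.com nataliacuminale.com homeremodelingokc.com telecomcruz.com
thusspokelibraealus.com xtr3cafe.com kjfamilypropertyllc.com sofakingwet.com
360ttzw.com foodel-uk.com bonedibangaliyana.com atozcontractingmdmd.com
outreachrespectfully.com betterworldtees.com bookreservationz.net fallguysmobel.com
flavorsdealivery.com ailunsai.com yabojianzhu.com collisionrepairsvictoriabc.com
foodcondor.icu blackfencefarms.com sarahhoellein.com bowaxuy.online
oticamundao.online sporttv.pro hummingbirdflower.com zxmrwz.com
thinkingonmyown.com zhhmzxmr.com berriespops.com acleanoutlook.com
lindasullivanjewelry.com puntosistemi.online lavendrum.com daiyer.com
intelli-grid.com brachialgirl.com ibusinesshero.com pandemidestekbildirgesi-tr.com
carrotrade.com 2d3dkoko.com learn-interviewskills.com brazilianhairtoorder.com
jeaniescreation.com scriptures66.com drrobertbruno.com cntrly.com
ottawaathome.club zcun-gewzi.xyz xctymg.com vpzgueps.icu
lkzone2020.com bmcdom.com bostonm.info benjamesmentoring.com
precisiongoodsllc.com transitionicon.net elementi.design teawithscott.com
pwzcl.com
""".split())

CAMPAIGN_ID = "a0ce"
# Assumption: beacons use the campaign ID as the URI path ("/a0ce/"). Confirm on your own pcaps.
CAMPAIGN_PATH_RE = re.compile(rf"^/{re.escape(CAMPAIGN_ID)}/")

# Constructed log format: "<timestamp> <source_ip> <hostname> [<uri_path>]".
LOG_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<host>\S+)(?:\s+(?P<path>/\S*))?\s*$")


def normalise_host(host: str) -> str:
    """Lower-case, drop a trailing dot and a port, strip a leading 'www.'
    so 'WWW.Sporttv.pro.' and 'sporttv.pro:80' both match the list."""
    host = host.strip().lower().rstrip(".").split(":")[0]
    return host[4:] if host.startswith("www.") else host


def parse_line(line: str):
    m = LOG_RE.match(line)
    if not m:
        return None
    return m.group("src"), normalise_host(m.group("host")), m.group("path") or ""


def scan(lines, min_distinct: int = 2) -> dict:
    """Group hits by source. A single decoy hit is weak evidence because most
    decoys are ordinary sites anyone may visit; several distinct decoys from one
    source, or a request with the campaign-ID path, looks like a beaconing bot."""
    hits = defaultdict(lambda: {"domains": set(), "campaign_hosts": set()})
    for line in lines:
        parsed = parse_line(line)
        if not parsed:
            continue
        src, host, path = parsed
        if host in DECOY_DOMAINS:
            hits[src]["domains"].add(host)
        if CAMPAIGN_PATH_RE.match(path):      # checked for every host: the real C2 is not in the list
            hits[src]["campaign_hosts"].add(host)
    report = {}
    for src, h in hits.items():
        strong = len(h["domains"]) >= min_distinct or bool(h["campaign_hosts"])
        report[src] = {
            "domains": sorted(h["domains"]),
            "campaign_hosts": sorted(h["campaign_hosts"]),
            "verdict": "likely infected" if strong else "weak (single decoy hit)",
        }
    return report


# Constructed sample log lines; not taken from the report.
SAMPLE_LOG = [
    "2023-01-29T10:00:01 10.0.0.5 www.sporttv.pro /a0ce/",
    "2023-01-29T10:00:02 10.0.0.5 bmcdom.com /a0ce/",
    "2023-01-29T10:00:03 10.0.0.5 xctymg.com",
    "2023-01-29T10:00:09 10.0.0.7 hummingbirdflower.com /",
    "2023-01-29T10:00:11 10.0.0.9 example.com /index.html",
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for src, result in scan(SAMPLE_LOG).items():
        print(src, result)
```

Treat the output as a triage queue: a "likely infected" source warrants pulling the process that made the requests, while a single weak hit is only worth a second look if the same source shows other signals.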
Targets
-
Target
b80b8ce41c6c6b67a0683a7c400a24c2270981bdec1b85f4111a0f5a5af3467a
-
Size
314KB
-
MD5
7b74e2dc26c5931e3a3103ed71d6bb06
-
SHA1
8201e9871601e4eefe5fa004a4dc670f7a57b9b6
-
SHA256
b80b8ce41c6c6b67a0683a7c400a24c2270981bdec1b85f4111a0f5a5af3467a
-
SHA512
ab93509d1bd7fcd7fce7eeace9d7e82f7747d3bcd1fe6b70c207aa5fa9dd2c80124167ce1465d35382dd5a842b3e734f6a550d608ab077e1e297e5befccfcc14
-
SSDEEP
6144:pqjIlffgjQfRH8zoM6Zp8ucm9FP1Uv/NmgrUU3ub6E69MDt:AKgMfR7v8zmj1WFmBBeeR
-
Xloader payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-
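"Suspicious use of SetThreadContext" is the sandbox's name for the thread-context write that process hollowing needs: the injector starts a child suspended, replaces its image in memory, points the primary thread's context at the new entry point with SetThreadContext (or its Wow64/Nt variants), and resumes it. The detector below is an added example, not the sandbox's signature or the report's own data: it walks a constructed API trace in a `<caller_pid>\t<api>\t<k=v,...>` format and only returns a "process hollowing" verdict when one caller performs all four stages, in order, on the same child it created suspended, so that a debugger or installer that merely resumes a suspended child is not flagged.

```python
"""Flag the create-suspended / write / SetThreadContext / resume sequence in an API trace (added example)."""
import re

CREATE_SUSPENDED = 0x00000004

# Constructed trace format: "<caller_pid>\t<api>\t<k=v,k=v,...>"; not the sandbox's own format.
LINE_RE = re.compile(r"^(?P<pid>\d+)\t(?P<api>\w+)\t(?P<args>.*)$")

CREATE_APIS = {"CreateProcessA", "CreateProcessW", "CreateProcessInternalW"}
WRITE_APIS = {"WriteProcessMemory", "NtWriteVirtualMemory", "NtUnmapViewOfSection", "NtMapViewOfSection"}
CONTEXT_APIS = {"SetThreadContext", "Wow64SetThreadContext", "NtSetContextThread"}
RESUME_APIS = {"ResumeThread", "NtResumeThread"}
EXPECTED = ["create_suspended", "write", "set_context", "resume"]


def parse_args(text: str) -> dict:
    out = {}
    for part in filter(None, text.split(",")):
        key, _, value = part.partition("=")
        out[key.strip()] = value.strip()
    return out


def to_int(value) -> int:
    """Accept '0x4' or '4'; missing values count as 0."""
    return int(value, 0) if value else 0


def detect_hollowing(lines) -> dict:
    """Track each child created with CREATE_SUSPENDED and record, in order, the
    stages its creator performs on it. Returns {target_pid: record}; the verdict is
    'process hollowing' only when the stages are exactly EXPECTED in that order."""
    targets = {}       # target pid -> record
    tid_to_pid = {}    # primary thread id -> target pid (for tid-keyed calls)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        caller, api, args = int(m.group("pid")), m.group("api"), parse_args(m.group("args"))
        if api in CREATE_APIS:
            if to_int(args.get("flags")) & CREATE_SUSPENDED:
                tpid, ttid = to_int(args.get("pid")), to_int(args.get("tid"))
                targets[tpid] = {"injector": caller, "image": args.get("image", ""),
                                 "stages": ["create_suspended"]}
                tid_to_pid[ttid] = tpid
            continue
        # Resolve which child this call touches: by pid, or via the thread it was created with.
        tpid = to_int(args.get("pid")) if "pid" in args else tid_to_pid.get(to_int(args.get("tid")))
        rec = targets.get(tpid)
        if rec is None or rec["injector"] != caller:   # only the creator's actions count
            continue
        stage = ("write" if api in WRITE_APIS else
                 "set_context" if api in CONTEXT_APIS else
                 "resume" if api in RESUME_APIS else None)
        if stage and stage not in rec["stages"]:
            rec["stages"].append(stage)
    for rec in targets.values():
        rec["verdict"] = "process hollowing" if rec["stages"] == EXPECTED else "incomplete sequence"
    return targets


# Constructed trace: one hollowing sequence and one benign suspended child. Not from the report.
SAMPLE_TRACE = [
    "1840\tCreateProcessW\timage=C:\\Windows\\System32\\svchost.exe,flags=0x4,pid=2208,tid=2212",
    "1840\tNtUnmapViewOfSection\tpid=2208",
    "1840\tVirtualAllocEx\tpid=2208,size=0x4e000",
    "1840\tWriteProcessMemory\tpid=2208,size=0x4e000",
    "1840\tSetThreadContext\ttid=2212",
    "1840\tResumeThread\ttid=2212",
    "3020\tCreateProcessW\timage=C:\\Program Files\\Setup\\helper.exe,flags=0x4,pid=3108,tid=3112",
    "3020\tResumeThread\ttid=3112",
    "3020\tSetThreadContext\ttid=9999",
]

if __name__ == "__main__":
    for tpid, rec in detect_hollowing(SAMPLE_TRACE).items():
        print(tpid, rec["image"], rec["verdict"], rec["stages"])
```

The ordering requirement is deliberate: the write must land before the context is redirected, otherwise the new entry point would run stale memory. Loosen it only if you have traces showing a variant that orders the calls differently.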