General
-
Target
03d9cbee9522c2c8a267b7e9599a9d245c35c7ac
-
Size
297KB
-
Sample
230201-fv7zyaca28
-
MD5
1389a18fcec0387decef3285f554284c
-
SHA1
03d9cbee9522c2c8a267b7e9599a9d245c35c7ac
-
SHA256
b4e90d54cb2c30b79086c1b143ecaa786a8e3866478c8d02755a5af2522f6337
-
SHA512
836a3447d3b9f76060fc8a3bab4491cb7ac01a70eaac0636e1726bbb444fde7ec9af8e4d0bef9dd395b0af30cd3ff6bfe4a6473a7c37b82f2bf1650db7043ab9
-
SSDEEP
6144:aDEMO1jp2qn9FrB/WOUh97Zl9T0cP1jRLTxpeRq0mRAHN61Z:wElDXn9FLUPBT0cNZYFmRWwZ
Static task
static1
Behavioral task
behavioral1
Sample
03d9cbee9522c2c8a267b7e9599a9d245c35c7ac.exe
Resource
win7-20220812-en
Malware Config
Extracted
xloader
2.3
hxyz
Targets
-
Xloader payload
-
Suspicious use of SetThreadContext
-