General
Target: zlibai.dll
Size: 26.5MB
Sample: 230330-k3wzvsbh53
MD5: 1eec76d149464a0ddde558b9867ee1f2
SHA1: a46c1b1ea806e8ac7e13759dec03e63e516b3018
SHA256: fa62a8cc511d051499e8609344f7edba8bb2034f4ac732deb8fbc9599356a767
SHA512: d52c5724ff44d1e0572a158584534682918dafd9e58494e33ece75e3bca0aafcd788c20659ba667bdfac330248d9a2e7b6da75a9baac4562289a775f5a22cec0
SSDEEP: 393216:XxLQMQ9zIAcfQ4EScuKctwpCKch2iLxTaRetMfrjCA9Dt6S7Rxmj2o1Lu9AC:BqocpxpCjssMfrjCwtLRTou9A
Behavioral task: behavioral1
Sample: zlibai.dll
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: zlibai.dll
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: zlibai.dll
Score: 10/10
Detects Grandoreiro payload
Grandoreiro: Part of a group of banking trojans, targeting Spanish and Portuguese speaking countries.