General
-
Target
n4.exe
-
Size
285KB
-
Sample
230804-lz5y2aad94
-
MD5
bcdae9f51c056a8bdfda1ab7dd9291f9
-
SHA1
e25e061296177376ffb63a8679dab6294609d436
-
SHA256
d0bef870592d1095d72178c27b2ce81dc94163aa30fa0742d6d428a1485ae459
-
SHA512
06e2843889fdc5106af1e92047f14b49c01b1d6601225083f370fee355d58d7ea1d180ade81fde03d10b752fba0a4096193edfae5360473af5dcd930b67109b9
-
SSDEEP
3072:fjnDk9LzxWoER2GsQjMBiaf/UABDjX8guvrJ6tAQBRhxBhWdGrOJhjNS6O:fbwVxWo8sQIBiYTDjru16NOJhC
Static task
static1
Behavioral task
behavioral1
Sample
n4.exe
Resource
win7-20230712-en
Malware Config
Extracted
zloader
r2
r2
https://notsweets.net/LKhwojehDgwegSDG/gateJKjdsh.php
https://olpons.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://karamelliar.org/LKhwojehDgwegSDG/gateJKjdsh.php
https://dogrunn.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://azoraz.net/LKhwojehDgwegSDG/gateJKjdsh.php
-
build_id
136
Targets
-
-
Target
n4.exe
-
Size
285KB
-
MD5
bcdae9f51c056a8bdfda1ab7dd9291f9
-
SHA1
e25e061296177376ffb63a8679dab6294609d436
-
SHA256
d0bef870592d1095d72178c27b2ce81dc94163aa30fa0742d6d428a1485ae459
-
SHA512
06e2843889fdc5106af1e92047f14b49c01b1d6601225083f370fee355d58d7ea1d180ade81fde03d10b752fba0a4096193edfae5360473af5dcd930b67109b9
-
SSDEEP
3072:fjnDk9LzxWoER2GsQjMBiaf/UABDjX8guvrJ6tAQBRhxBhWdGrOJhjNS6O:fbwVxWo8sQIBiYTDjru16NOJhC
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Suspicious use of SetThreadContext
-