General
-
Target
todxofs.dll
-
Size
421KB
-
Sample
231208-mjmm7aaf64
-
MD5
f40160b2cfe0667cb4010a400a835a06
-
SHA1
976c70ede8d10e825cb9e5bd5da0dd2a251bd0e8
-
SHA256
d63088780e90eda6a7ce286d6b190614f0ea6f1f55c6e6e9d6a30260eb84d03c
-
SHA512
e919819cdc45b2ed93c69f3f0267698940ee316707f6a722697100bfa79da9d277667c0276f36ba47f62dea8855e18e0e8ffaf5a708b369d73d2961b9fdfc3b4
-
SSDEEP
6144:tZXN7Sgy8WA3gha780p2F2V6voOy5Gn7n0O8N5WYeXmseY1rmWd2KWJ:tjSgyhA30a78rQqIN5te20qWd2KWJ
Static task
static1
Behavioral task
behavioral1
Sample
todxofs.dll
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
todxofs.dll
Resource
win10v2004-20231127-en
Malware Config
Extracted
zloader
April23Fixed
April23Fixed
-
build_id
120
Targets
-
-
Target
todxofs.dll
-
Score
10/10
-
Suspicious use of SetThreadContext
-