General
-
Target
spam20.zip
-
Size
245KB
-
Sample
231208-nlsgwsbd65
-
MD5
68dba7849a17cedd2a01d83747361977
-
SHA1
38ed165a12de392dce2ef71b1d03accb59add386
-
SHA256
81ea4700e1743391fa6b56be2969c944c8451ec81215f7a0cbf88537e4108157
-
SHA512
5bfed6c349a06f1d674a85a1d4343a7096ff97b400ad53347c44b7753c97a219f9207aedffcf7b7947fdbfddc7c2f63b6c48ce19fe91212684d06a91cfeaeff0
-
SSDEEP
6144:Me8V9G8P+JAfrJ1sdmO9ieKxY/c3GvCLCe74TIa:Me8Vk8P+JSsALeKxY/PvCj7Ta
Static task
static1
Behavioral task
behavioral1
Sample
spam20.dll
Resource
win7-20231020-en
Malware Config
Extracted
zloader
crypto1
crypto
http://wmwifbajxxbcxmucxmlc.com/post.php
http://ojnxjgfjlftfkkuxxiqd.com/post.php
http://pwkqhdgytsshkoibaake.com/post.php
http://snnmnkxdhflwgthqismb.com/post.php
http://iawfqecrwohcxnhwtofa.com/post.php
http://nlbmfsyplohyaicmxhum.com/post.php
http://fvqlkgedqjiqgapudkgq.com/post.php
http://cmmxhurildiigqghlryq.com/post.php
http://nmqsmbiabjdnuushksas.com/post.php
http://fyratyubvflktyyjiqgq.com/post.php
-
build_id
110
Targets
-
-
Target
spam20.dll
-
Size
358KB
-
MD5
6501006a6d47bc73976db9f3385c3c46
-
SHA1
53082a7fa62dc4fe54586df6a6e481fe8beca1aa
-
SHA256
c55e3938e9c2c9d00235d8ed87a55adc18fa1c6377a9ee0fd6212916c67d0020
-
SHA512
df63e60f12d153e16b78464162dbd5d052192a1e09814eb91e21d28256a652ae04eb7ccdaf4022c95c9779edfbe15df7a708717a1c247cfe2d16e8d9f911bf0c
-
SSDEEP
6144:091kAIgU+wK4UrePimd2jGZFakdU8fLx1tK7IwyBfb7T0Y:090gUQe6dUFHU8pi6xb7T
-
Suspicious use of SetThreadContext
-