General
-
Target
bb8b400c9c3f444de381acf781cbebcc
-
Size
418KB
-
Sample
231220-q2dpsaacek
-
MD5
bb8b400c9c3f444de381acf781cbebcc
-
SHA1
1598261c37d405414e8e33e141ce50b1e6a3ef59
-
SHA256
a785cde7fd80fcc3fd215825a5d5d8d50d51092ba0df183c5d56bddd89e4bc07
-
SHA512
53d22e8c4f83852a2b4bac90b2d109f82589178e9af37e5ce62dc64070677d402dd810e671bba7c26ef94563e360b3fc6df3b5d88e0a42e2cfec13081e65252e
-
SSDEEP
6144:nnGcWifAcEOT/aNi7qagbMhag3bkyElEQ1qFjfVhlLgIdfHZk6OdQ+3HwO:nGcdmSSNsqagga6knER1VhlLXgwo
Static task
static1
Behavioral task
behavioral1
Sample
bb8b400c9c3f444de381acf781cbebcc.exe
Resource
win7-20231215-en
Malware Config
Extracted
xloader
2.5
ef6c
gicaredocs.com
govusergroup.com
conversationspit.com
brondairy.com
rjtherealest.com
xn--9m1bq8wgkag3rjvb.com
mylori.net
softandcute.store
ahljsm.com
shacksolid.com
weekendmusecollection.com
gaminghallarna.net
pgonline111.online
44mpt.xyz
ambrandt.com
eddytattoo.com
blendeqes.com
upinmyfeels.com
lacucinadesign.com
docomoau.xyz
xn--90armbk7e.online
xzq585858.net
kidzgovroom.com
lhznqyl.press
publicationsplace.com
jakante.com
csspadding.com
test-testjisdnsec.store
lafabriqueabeilleassurances.com
clf010.com
buybabysnuggle.com
uzmdrmustafaalperaykanat.com
levanttradegroup.com
arcflorals.com
kinglot2499.com
freekagyans.com
region10group.gmbh
yeyelm744.com
thehomedesigncentre.com
vngc.xyz
szesdkj.com
charlottewright.online
planetgreennetwork.com
pacifica7.com
analogueadapt.com
sensorypantry.com
narbaal.com
restaurant-utopia.xyz
golnay.com
szyyglass.com
redelirevearyseuiop.xyz
goldsteelconstruction.com
discovercotswoldcottages.com
geniuseven.net
apricitee.com
stopmoshenik.online
ya2gh.com
instatechnovelz.com
dbe648.com
seifjuban.com
conquershirts.store
totalcovidtravel.com
pamperotrabajo.com
satellitphonestore.com
fis.photos
Targets
-
-
Target
bb8b400c9c3f444de381acf781cbebcc
-
Size
418KB
-
MD5
bb8b400c9c3f444de381acf781cbebcc
-
SHA1
1598261c37d405414e8e33e141ce50b1e6a3ef59
-
SHA256
a785cde7fd80fcc3fd215825a5d5d8d50d51092ba0df183c5d56bddd89e4bc07
-
SHA512
53d22e8c4f83852a2b4bac90b2d109f82589178e9af37e5ce62dc64070677d402dd810e671bba7c26ef94563e360b3fc6df3b5d88e0a42e2cfec13081e65252e
-
SSDEEP
6144:nnGcWifAcEOT/aNi7qagbMhag3bkyElEQ1qFjfVhlLgIdfHZk6OdQ+3HwO:nGcdmSSNsqagga6knER1VhlLXgwo
-
Xloader payload
-
Suspicious use of SetThreadContext
-