General
-
Target
f006c4f210e64f24cd375249d50279bb
-
Size
725KB
-
Sample
231220-vhym3acdf7
-
MD5
f006c4f210e64f24cd375249d50279bb
-
SHA1
c0d6076b9f7a660d728fd0fc20a42146c6ead1b7
-
SHA256
6a403d45488a7edf4b19ed6436d63397e7950b08dcc2987a0149b7df2c219344
-
SHA512
099a8b532bbd13e739214dff84d91025ce967f7aa7040c9cd2df689e588b7abd003d5bafbf3d3dbefcec72a7a96a2ac493ac0b8baea31ae81b4b1fcfcd0853e8
-
SSDEEP
12288:gdclTNleKU+EYC2J6ylNCs6BzUNlik2Juno82:gdclTNleKUW/56JwH
Static task
static1
Behavioral task
behavioral1
Sample
f006c4f210e64f24cd375249d50279bb.exe
Resource
win7-20231215-en
Malware Config
Extracted
xloader
2.5
ujaz
Targets
-
-
Target
f006c4f210e64f24cd375249d50279bb
-
Xloader payload
-
Suspicious use of SetThreadContext
-