General
-
Target
0c90a502cf1d5e66b289b82a22fc1693
-
Size
1.3MB
-
Sample
231225-hjrjxshbc8
-
MD5
0c90a502cf1d5e66b289b82a22fc1693
-
SHA1
b7309e98f9d8b58442a77e1619e4524efd7f6a35
-
SHA256
12d89c6e8e3ef2ec6ae4fda7dce291a2418a51daa9eba44a583ced847c9e4e42
-
SHA512
fdb013cb09ca14093e5a2f177f91ed1349d47f4c17f7f610818fcf583c00ac518ed55eb655ed460b157024c150b23cdc8406d3795253a5ec7096adc339a2b6b3
-
SSDEEP
24576:RZKjksXks2y8j19UAWU6rXVoHHsxZmJYis4xBZMN6Z7nsG/d60wZ:RZKaPUjU6rXVosx8J24xgN6Z7n8
Static task
static1
Behavioral task
behavioral1
Sample
0c90a502cf1d5e66b289b82a22fc1693.exe
Resource
win7-20231215-en
Malware Config
Extracted
xloader
2.3
uecu
ishtarhotel.com
woodstrends.icu
jalenowens.com
manno.expert
ssg1asia.com
telepathylaw.com
quickoprintnv.com
abrosnm3.com
lumberjackcatering.com
beachujamaica.com
thomasjeffersonbyrd.com
starryfinds.com
shelavish2.com
royalglamempirellc.com
deixandomeuemprego.com
alexgoestech.xyz
opticamn.com
fermanchevybrandon.com
milbodegas.info
adunarsrl.com
dataatlus.com
missabrams.com
beaconservicesuk.com
tvforpc.website
dipmarketingagency.com
milsontt.com
londonsashwindowsservices.com
feedmysheepdaily.com
firsttimephysics.com
hosefire.com
southdocknj.com
idfstool.com
drelip.com
decayette.com
awakenedgodsofbeauty.com
easttexasranch.com
risinglanka.com
meetingoffices.com
vase-composition.com
kupon.asia
alltimeselfstorage.com
gatorbrewcoffee.com
api-pay-agent.com
height-project.online
flbtyc638.com
psdmoravita.com
highbrowhairstudio.com
deepblueriver.com
yh22022.com
sts-100.com
michaelfmoore.com
alzheimers.computer
produtos-servicos.website
zyuyktlcu.icu
ezewasser.com
outstanding-palisade.com
saioura.com
core.run
allaboutlifeblog.com
foodolog.net
somerderm.com
scootrlv.com
ahjjbxg.com
gasworldchampionships.com
illoftapartments.com
Targets
-
-
Target
0c90a502cf1d5e66b289b82a22fc1693
-
Size
1.3MB
-
MD5
0c90a502cf1d5e66b289b82a22fc1693
-
SHA1
b7309e98f9d8b58442a77e1619e4524efd7f6a35
-
SHA256
12d89c6e8e3ef2ec6ae4fda7dce291a2418a51daa9eba44a583ced847c9e4e42
-
SHA512
fdb013cb09ca14093e5a2f177f91ed1349d47f4c17f7f610818fcf583c00ac518ed55eb655ed460b157024c150b23cdc8406d3795253a5ec7096adc339a2b6b3
-
SSDEEP
24576:RZKjksXks2y8j19UAWU6rXVoHHsxZmJYis4xBZMN6Z7nsG/d60wZ:RZKaPUjU6rXVosx8J24xgN6Z7n8
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Xloader payload
-
Suspicious use of SetThreadContext
-