General
-
Target
b45601c94bc29ed138616c6ca1db4cb3
-
Size
1.1MB
-
Sample
231227-spxy1aaac8
-
MD5
b45601c94bc29ed138616c6ca1db4cb3
-
SHA1
71401849b07a4cfbedaec0ed8621c00425c6fedf
-
SHA256
43b1111f92ac92c2804ebe0316d8e7d91b4b4fb6daa00e82fefd02c483eda1a3
-
SHA512
4fa75a4b67d3e9ecaaf2504bcef041f4334d1338a075b887e90b6e60128fd3b2668ab7c1128e5c64c01a1e8d5cc8a9d94efee29d2f20876c2e38db078d5a3022
-
SSDEEP
24576:odS/d31Kzks8ks21oODt9HJcPNoPZBUK3ITy8jh8N7ZN:JKDBxfQK30ON7ZN
Static task
static1
Behavioral task
behavioral1
Sample
b45601c94bc29ed138616c6ca1db4cb3.exe
Resource
win7-20231215-en
Malware Config
Extracted
xloader
2.3
p596
ushistorical.com
lovepropertylondon.com
acupress-the-point.com
3772548.com
ambientabuse.com
primaveracm.com
themidwestmomblog.com
havasavunma.com
rockyroadbrand.com
zzphys.com
masque-inclusif.com
myeonyeokplus.com
linkernet.pro
zezirma.com
mysiniar.com
andreamall.com
mattesonauto.com
wandopowerinc.com
casaurgence.com
salishseaquilts.com
yourchanceisnow.com
tumulusresearch.com
blendandspend.com
pevention.com
cloudrevolutionawards.com
beadedbodied.com
marylandpaymentrelief.net
5935699.com
silverleafcompanies.com
slxxxhub.com
combatstriking.com
sex-shop.life
cuncunkan.com
italiamo-magagine.com
sfvoterguide.com
2012boulevard.com
mslookbook.com
897tj1.net
cgslnc.net
kashyaptalkz.com
researchcse.com
lunzhu168.com
mlfkt.com
customcardstudio.com
kirklandramblerforsale.com
magetu.info
wptheme247.com
purposedenver.com
journaldelaphotographie.com
yieldwadi.site
mobilefriendlysites.com
ocularjournal.com
consigli.energy
infintylights.com
itcohempproject.com
montcairo.net
allegrohascockroaches.com
flexbandofficial.com
greatindiapropertyshow.com
kabin-fever.com
designsoc.com
javlao.com
controltower.services
masihsarap.com
lapashawhite.com
Targets
-
-
Target
b45601c94bc29ed138616c6ca1db4cb3
-
Size
1.1MB
-
MD5
b45601c94bc29ed138616c6ca1db4cb3
-
SHA1
71401849b07a4cfbedaec0ed8621c00425c6fedf
-
SHA256
43b1111f92ac92c2804ebe0316d8e7d91b4b4fb6daa00e82fefd02c483eda1a3
-
SHA512
4fa75a4b67d3e9ecaaf2504bcef041f4334d1338a075b887e90b6e60128fd3b2668ab7c1128e5c64c01a1e8d5cc8a9d94efee29d2f20876c2e38db078d5a3022
-
SSDEEP
24576:odS/d31Kzks8ks21oODt9HJcPNoPZBUK3ITy8jh8N7ZN:JKDBxfQK30ON7ZN
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Xloader payload
-
Suspicious use of SetThreadContext
-