General
-
Target
059d92b876948ff3102b8c78e26621d0
-
Size
929KB
-
Sample
231229-2d6w7sdhgr
-
MD5
059d92b876948ff3102b8c78e26621d0
-
SHA1
e6bece6beffcd17c46750905bf89687de514af0e
-
SHA256
55dc099e790b76a62f56ef105ca53205ea69d9f4027a93554b03d573f112d643
-
SHA512
07fca22a8a65ad3108f6406d1a80b7f1b6467939fee349b80cd2bdde97c77475dcd826715687896f7b1e7310c597919ef8bc5a9ceb550cab57c78e9b0b544314
-
SSDEEP
12288:UYcsGI/cSU+zdTGN/u+I7tTduj0E/VE1/SvmzgLcYz+V77ntOURyawjAJEp2EObk:UcnzdyhmtT879E1aHcE+tDRajr
Static task
static1
Behavioral task
behavioral1
Sample
059d92b876948ff3102b8c78e26621d0.exe
Resource
win7-20231215-en
Malware Config
Extracted
xloader
2.3
kmb0
Targets
-
-
Target
059d92b876948ff3102b8c78e26621d0
Xloader payload
-
Suspicious use of SetThreadContext
-