General
Target: 05c2f58892baa673e6dce1721b2ba4c7
Size: 676KB
Sample: 231229-2hsv5sehhl
MD5: 05c2f58892baa673e6dce1721b2ba4c7
SHA1: 6dc750666d98c463229074c3e52ca2a65fc6ab4b
SHA256: e188030a6e62811cb9b70788732d04e339e1396c2d546362fa2b47ac572c9fc6
SHA512: ac2a9de3d69531b0c5ad15fba8ad9c029d1e3bfa5a32da6bd23200822daef23c0bbb6f87d1939b3a54236156965385ab9f29979eacc4a7e42ccd5c5ac77b16ca
SSDEEP: 12288:Ii3XY/Lu5XtnzM2Z9PINmx/2X3JQIOOwYMxz12YnoI5r2BEnyOW91DnLqZeYCtSo:IPzu5dnF9Pymg5NMxNoI0
Static task
static1
Behavioral task
behavioral1
Sample
05c2f58892baa673e6dce1721b2ba4c7.exe
Resource
win7-20231129-en
Malware Config
Extracted
xloader
2.3
gm9w
Targets
Xloader payload
-
Suspicious use of SetThreadContext
-