General
-
Target
1dce0fc0bcc3ed4f7af74bdaeef37a5f
-
Size
1.2MB
-
Sample
231230-1vnaragegp
-
MD5
1dce0fc0bcc3ed4f7af74bdaeef37a5f
-
SHA1
44db74becdf78474e7b4418cd24274b88410c02f
-
SHA256
e8bb9e81ed75437b45f90b1c65e3100c618090d66d7fa37f5208fedc6972f142
-
SHA512
55770eaac58703a98bb05f8da7b7357cd09b747de3dbb89f41fae380d6fa50ad5302398c8b8fffa18257b234e5f3e7a7a315bd0470f379720d34fd8b1e317f46
-
SSDEEP
24576:cxOsBgo0q4wMMBmCmTOUd+L6kLXWGmHUdR6B8w5+lx/2:cIoHMUmCm6Ud+zLXbmHVB8Bx+
Static task
static1
Behavioral task
behavioral1
Sample
1dce0fc0bcc3ed4f7af74bdaeef37a5f.exe
Resource
win7-20231215-en
Malware Config
Extracted
xloader
2.3
wten
largshomebuyers.com
hqs.xyz
stormvalleysoapco.com
coolsoftware.xyz
creditfitbootcamp.com
mdroc.com
cooperseyewear.com
mrleyos.com
apipacking.com
mtdivas.com
bim3dstudio.com
ngdnwgtsf.club
arknmhsc.com
expowe.icu
surfacesupplierscanada.com
thinbluelion.com
vbetmalaysia.com
christcarriers.com
easternshoreautobody.com
healthyvibrantandbeautiful.com
lacarerx.com
woofreelance.online
larkfam.com
worldambedkarsociety.com
cedeaccount.com
xn--qbt233i.xn--hxt814e
the-level.net
bhoomifoodsdaily.com
testjaycypes015.com
indiarmc.com
bestskiboat.com
blackmarkethn.com
watdomenren48.com
approvednursingdegreeca.com
oxystudio1.com
digitalaage.com
comingintopower.com
bhakti.exchange
msd.rest
rostig-brennend.com
techbotsoftware.com
abrosnm3.com
hamrharddrive.com
eglobaldirect.com
rollingrevenueroadmap.com
yourchanceisnow.com
supremeleas.com
roshanrajas.com
peppershare.net
augeware.com
kvperryman.com
electricvehiclesdetroit.com
dinhgianhadatdanang.com
dbd-cs.com
bfosterbeauty.com
maildeskserv.com
pickenshomesforless.com
hawrang.com
janinefowler.com
yz-wsly.com
cyberfamilydesignagency.com
shopchampagnetoast.com
in-homeaccountants.com
targetstudio.net
kolpath.com
Targets
-
-
Target
1dce0fc0bcc3ed4f7af74bdaeef37a5f
-
Size
1.2MB
-
MD5
1dce0fc0bcc3ed4f7af74bdaeef37a5f
-
SHA1
44db74becdf78474e7b4418cd24274b88410c02f
-
SHA256
e8bb9e81ed75437b45f90b1c65e3100c618090d66d7fa37f5208fedc6972f142
-
SHA512
55770eaac58703a98bb05f8da7b7357cd09b747de3dbb89f41fae380d6fa50ad5302398c8b8fffa18257b234e5f3e7a7a315bd0470f379720d34fd8b1e317f46
-
SSDEEP
24576:cxOsBgo0q4wMMBmCmTOUd+L6kLXWGmHUdR6B8w5+lx/2:cIoHMUmCm6Ud+zLXbmHVB8Bx+
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Xloader payload
-
Suspicious use of SetThreadContext
-