Behavioral task: behavioral1
Sample: 5af0cfb9787d350970aae722dead60552905ee0e3c9b032c690678684e3c061e.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 5af0cfb9787d350970aae722dead60552905ee0e3c9b032c690678684e3c061e.exe
Resource: win10v2004-20241007-en
General
Target: 5af0cfb9787d350970aae722dead60552905ee0e3c9b032c690678684e3c061e
Size: 164KB
MD5: cacee4d459f33c0099d2688cd2eff79f
SHA1: ba03bf906e79cf72092104c8c37c4cfa54b28efe
SHA256: 5af0cfb9787d350970aae722dead60552905ee0e3c9b032c690678684e3c061e
SHA512: 72a74e738795868ccbadb8d22872597007dc944df9c59f8560d9787425a1f65e2494213bebf2ea63d3b3cbcbf9236828521b09db880eb23334e060d607d61e6c
SSDEEP: 3072:5lJmyFjNt/mGQj5XM6XUf0CacmVp6I+VpP7vZHJOe:5+DxhM6Ef/acmVp6RVpP7vLO
Malware Config
Extracted
xloader
2.5
nug3
Signatures
Files
-
5af0cfb9787d350970aae722dead60552905ee0e3c9b032c690678684e3c061e.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 159KB - Virtual size: 158KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ