General
Target: zloader 2_1.0.14.0.vir
Size: 130KB
Sample: 200719-wrt25yszze
MD5: 88adb0b457ea881c4b09ee65a8ee72f6
SHA1: 45131fff959d36d51c5ba07b369ffa9a2db32499
SHA256: 8afa8c9fc4f0d3c24dfc03477fb93c5df5e1c75b3926e5127a3d4aca6fa43a83
SHA512: 8c6652257e18aa0adcc18c5a70783317d0ebdc00dbc66f83d715d3c02dff4dfe34e1313c5a859598996e8179132df274a497b2dd419baf78a0aca2af182c0b70
Static task: static1
Behavioral task: behavioral1
Sample: zloader 2_1.0.14.0.vir.exe
Resource: win7
Behavioral task: behavioral2
Sample: zloader 2_1.0.14.0.vir.exe
Resource: win10
Malware Config
Extracted
zloader
saca
adw2
https://thoughtlibrary.top/library/topikpost.php
https://islacangrejo.fun/library/topikpost.php
Targets
Target: zloader 2_1.0.14.0.vir
Score: 10/10
Blacklisted process makes network request
Adds Run key to start application
Suspicious use of SetThreadContext