zloader | dbc2e7788019f8b0959377fa9e0f3d41d0db82445799721d1d77c583ac793e9a | Triage

Sharing

General

Target

BKiPsIo.dll
Size

390KB
Sample

201021-5k6sc3ej8s
MD5

ed8961a3f1a6e94c5da87867e1d0b5b0
SHA1

5832c8e30d5ac85e1176a40e441d10b2c97f0fd5
SHA256

dbc2e7788019f8b0959377fa9e0f3d41d0db82445799721d1d77c583ac793e9a
SHA512

38bd0773bef6b4a40a94a9b3f918cc548000b401fdc19ee723da3807b4e327e7308029e355366ab2000cd3b3650eaf30b442233fa233ac15a7395ee4a999ee79

Score

10^/10

zloader divader poll botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

divader

Campaign

poll

C2

https://kochamkkkras.ru/gate.php

https://uookqihwdid.ru/gate.php

https://iqowijsdakm.ru/gate.php

https://wiewjdmkfjn.ru/gate.php

https://dksaoidiakjd.su/gate.php

https://iweuiqjdakjd.su/gate.php

https://yuidskadjna.su/gate.php

https://olksmadnbdj.su/gate.php

https://odsakmdfnbs.su/gate.php

https://odsakjmdnhsaj.su/gate.php

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  BKiPsIo.dll
- Size
  
  390KB
- MD5
  
  ed8961a3f1a6e94c5da87867e1d0b5b0
- SHA1
  
  5832c8e30d5ac85e1176a40e441d10b2c97f0fd5
- SHA256
  
  dbc2e7788019f8b0959377fa9e0f3d41d0db82445799721d1d77c583ac793e9a
- SHA512
  
  38bd0773bef6b4a40a94a9b3f918cc548000b401fdc19ee723da3807b4e327e7308029e355366ab2000cd3b3650eaf30b442233fa233ac15a7395ee4a999ee79
Score

10^/10

trojan botnet zloader
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trojanbotnetzloader

behavioral2