zloader | 63c8c6ac173f3a20beaae72f96110c8defaa197c3a65b68e5562a0e588532b1f | Triage

Sharing

General

Target

BKiPsIo.dll
Size

391KB
Sample

201022-3hdsgkae2e
MD5

e38c8eee26dfa137bcb0a391dd17b1e5
SHA1

eda9e6c50c5708cedf5dec2d48ebdca874d7b4aa
SHA256

63c8c6ac173f3a20beaae72f96110c8defaa197c3a65b68e5562a0e588532b1f
SHA512

23157742ea221668c96ee6f74bf3a673267be62c0b03aea9dc082ed3b25456523e1c1ec0c1517ffaf1b30a3c0bf7ef4d91aae29d64704b89b2145682b936554a

Score

10^/10

zloader divader poll botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

divader

Campaign

poll

C2

https://kochamkkkras.ru/gate.php

https://uookqihwdid.ru/gate.php

https://iqowijsdakm.ru/gate.php

https://wiewjdmkfjn.ru/gate.php

https://dksaoidiakjd.su/gate.php

https://iweuiqjdakjd.su/gate.php

https://yuidskadjna.su/gate.php

https://olksmadnbdj.su/gate.php

https://odsakmdfnbs.su/gate.php

https://odsakjmdnhsaj.su/gate.php

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  BKiPsIo.dll
- Size
  
  391KB
- MD5
  
  e38c8eee26dfa137bcb0a391dd17b1e5
- SHA1
  
  eda9e6c50c5708cedf5dec2d48ebdca874d7b4aa
- SHA256
  
  63c8c6ac173f3a20beaae72f96110c8defaa197c3a65b68e5562a0e588532b1f
- SHA512
  
  23157742ea221668c96ee6f74bf3a673267be62c0b03aea9dc082ed3b25456523e1c1ec0c1517ffaf1b30a3c0bf7ef4d91aae29d64704b89b2145682b936554a
Score

10^/10

trojan botnet zloader
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trojanbotnetzloader

behavioral2

trojanbotnetzloader