zloader | 959a3cd5e58c2bbbb4a5179e658f6193fd6cf8d5d5384b4e6dca12fa7cbc2c74 | Triage

Sharing

General

Target

BKiPsIo.dll
Size

391KB
Sample

201022-zmeazdhpej
MD5

0c5dadf565b1b19b47cbe98266f91152
SHA1

40c8a1193954077628c5f89ee5ce9687d9f6f6de
SHA256

959a3cd5e58c2bbbb4a5179e658f6193fd6cf8d5d5384b4e6dca12fa7cbc2c74
SHA512

a8ea1f3f43ecb51cdb9476376dd8ae14920239b08086ce74a147df9c6821e292202e5c94d7c8201268a1c4076f84719deb8546b639aeb3f693fd56e8b68c8a6b

Score

10^/10

zloader divader poll botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

divader

Campaign

poll

C2

https://kochamkkkras.ru/gate.php

https://uookqihwdid.ru/gate.php

https://iqowijsdakm.ru/gate.php

https://wiewjdmkfjn.ru/gate.php

https://dksaoidiakjd.su/gate.php

https://iweuiqjdakjd.su/gate.php

https://yuidskadjna.su/gate.php

https://olksmadnbdj.su/gate.php

https://odsakmdfnbs.su/gate.php

https://odsakjmdnhsaj.su/gate.php

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  BKiPsIo.dll
- Size
  
  391KB
- MD5
  
  0c5dadf565b1b19b47cbe98266f91152
- SHA1
  
  40c8a1193954077628c5f89ee5ce9687d9f6f6de
- SHA256
  
  959a3cd5e58c2bbbb4a5179e658f6193fd6cf8d5d5384b4e6dca12fa7cbc2c74
- SHA512
  
  a8ea1f3f43ecb51cdb9476376dd8ae14920239b08086ce74a147df9c6821e292202e5c94d7c8201268a1c4076f84719deb8546b639aeb3f693fd56e8b68c8a6b
Score

10^/10

trojan botnet zloader
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trojanbotnetzloader

behavioral2