zloader | 12e5c221195f7d0a47b98b5d5fff26ea8fc4ad4f76f1c21f47e3a73102f18c59 | Triage

Sharing

General

Target

BKiPsIo.dll
Size

470KB
Sample

201023-jsn5frln56
MD5

0f04a1e57dd1751b1fd625260cd73ab7
SHA1

6d850624e33b622e3d49db028a3286d0c27b1f9f
SHA256

12e5c221195f7d0a47b98b5d5fff26ea8fc4ad4f76f1c21f47e3a73102f18c59
SHA512

a6897bbd3b3e8257cbcf970d914aa867a348d7de4285ca5f3ca2c61b9c676d74904dfd57ecf2773276076cc3e777b188d7a033aef01b1beefeac9f07642231c5

Score

10^/10

zloader divader poll botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

divader

Campaign

poll

C2

https://kochamkkkras.ru/gate.php

https://uookqihwdid.ru/gate.php

https://iqowijsdakm.ru/gate.php

https://wiewjdmkfjn.ru/gate.php

https://dksaoidiakjd.su/gate.php

https://iweuiqjdakjd.su/gate.php

https://yuidskadjna.su/gate.php

https://olksmadnbdj.su/gate.php

https://odsakmdfnbs.su/gate.php

https://odsakjmdnhsaj.su/gate.php

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  BKiPsIo.dll
- Size
  
  470KB
- MD5
  
  0f04a1e57dd1751b1fd625260cd73ab7
- SHA1
  
  6d850624e33b622e3d49db028a3286d0c27b1f9f
- SHA256
  
  12e5c221195f7d0a47b98b5d5fff26ea8fc4ad4f76f1c21f47e3a73102f18c59
- SHA512
  
  a6897bbd3b3e8257cbcf970d914aa867a348d7de4285ca5f3ca2c61b9c676d74904dfd57ecf2773276076cc3e777b188d7a033aef01b1beefeac9f07642231c5
Score

10^/10

trojan botnet zloader
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trojanbotnetzloader

behavioral2

trojanbotnetzloader