General

  • Target

    ggf.dll

  • Size

    667KB

  • Sample

    201026-qzz5mfm56s

  • MD5

    4e8561ed0d1b409531243f19d556142c

  • SHA1

    3df3def02d28e48f82de3462d262998f799344a8

  • SHA256

    b6b2a6fac5b5bace7f0f498404e71e9e7cfef1b9b5c4ed0928e78974c84bd9d2

  • SHA512

    93fc0aa58cd1beb77406e013e56367ca29263ef7df0567bf63e80f5354a99b4f9c2b9f1013b9d1b7fdeb7bdc2d5b4cbbe49596af946520f9dd2635da0a78febc

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    dll26

  • Campaign

    dll26

  • C2

    https://eecakesconf.at/web982/gate.php

  • rc4.plain

  • rsa_pubkey.plain

Targets

    Score
    10/10

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was first discovered in August 2015.

MITRE ATT&CK Matrix

Tasks