General

  • Target

    SecuriteInfo.com.ML.PE-A.22138

  • Size

    652KB

  • Sample

    201027-qzpjw9gl2n

  • MD5

    b260df424a528921e9f544af273c3849

  • SHA1

    85d12847d2ceefcd5ddd88c0c03b0d98bb9afc86

  • SHA256

    a35b96696f5c7adc5aa856859d37e92c323b2be68c0f8d2704a4ab689ffd12b2

  • SHA512

    d2327adb91949c707058ba910fed2634c631b82624127ac9d3d051a00edafbff50c19e89b39b2aee0197e1ff05dba9d3bc8e038d50cc1d5af0c3506952989ad1

Malware Config

Extracted

Family

zloader

Botnet

nut

Campaign

26/10

C2

https://kare.academy/wl9nfl.php

https://skal.tk/a0qqpr.php

https://casascala.isoladelba.it/1lhdcb.php

https://tamilgreets.com/0vjkrn.php

https://ahoracallao.com/kzqlgx.php

https://shbiolabs.com/gkqm9o.php

https://bmavan.com/qshecj.php

https://barsoleillevant.fr/czdhxu.php

https://innovabusiness.cv/assly0.php

https://mevededustderin.tk/wp-smarts.php

rc4.plain
rsa_pubkey.plain
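
The extracted configuration above is directly usable as indicators: the C2 list gives hosts and paths to look for in egress proxy logs, and the hash block lets you confirm whether a file you hold is this exact sample. The following is an added example, not code from the report or from any sandbox vendor; it copies the indicators verbatim from the sections above, and the proxy log lines and the file bytes it checks are constructed for illustration (the assumed log format is `timestamp src_ip method url status`):

```python
"""Match the Zloader indicators from this report against proxy log lines and file bytes."""
import hashlib
from urllib.parse import urlparse

# C2 URLs copied verbatim from the "Malware Config" section above.
C2_URLS = [
    "https://kare.academy/wl9nfl.php",
    "https://skal.tk/a0qqpr.php",
    "https://casascala.isoladelba.it/1lhdcb.php",
    "https://tamilgreets.com/0vjkrn.php",
    "https://ahoracallao.com/kzqlgx.php",
    "https://shbiolabs.com/gkqm9o.php",
    "https://bmavan.com/qshecj.php",
    "https://barsoleillevant.fr/czdhxu.php",
    "https://innovabusiness.cv/assly0.php",
    "https://mevededustderin.tk/wp-smarts.php",
]

# Hashes of the analysed sample, copied from the "General" section above.
SAMPLE_HASHES = {
    "md5": "b260df424a528921e9f544af273c3849",
    "sha1": "85d12847d2ceefcd5ddd88c0c03b0d98bb9afc86",
    "sha256": "a35b96696f5c7adc5aa856859d37e92c323b2be68c0f8d2704a4ab689ffd12b2",
    "sha512": "d2327adb91949c707058ba910fed2634c631b82624127ac9d3d051a00edafbff"
              "50c19e89b39b2aee0197e1ff05dba9d3bc8e038d50cc1d5af0c3506952989ad1",
}

# Constructed proxy log lines (not from the report): "timestamp src_ip method url status".
SAMPLE_PROXY_LOG = [
    "2020-10-27T10:02:11Z 10.0.4.23 POST https://kare.academy/wl9nfl.php 200",
    "2020-10-27T10:02:15Z 10.0.4.23 GET https://www.example.com/index.html 200",
    "2020-10-27T10:03:40Z 10.0.4.51 POST https://skal.tk/other.php 404",
    "2020-10-27T10:04:02Z 10.0.4.23 POST http://MEVEDEDUSTDERIN.TK/wp-smarts.php 200",
]


def c2_hosts(urls=C2_URLS):
    """Lower-cased hostnames of the C2 URLs (scheme and path stripped)."""
    return frozenset(urlparse(u).hostname.lower() for u in urls)


def c2_paths(urls=C2_URLS):
    """Exact URL paths of the C2 URLs, e.g. '/wl9nfl.php'."""
    return frozenset(urlparse(u).path for u in urls)


def match_proxy_log(lines, urls=C2_URLS):
    """Return (line_number, host, strength) for every log line whose destination
    host is a known C2 host. Strength is 'host+path' when the request path is one
    of the extracted C2 paths as well, else 'host' (weaker evidence)."""
    hosts, paths = c2_hosts(urls), c2_paths(urls)
    hits = []
    for number, line in enumerate(lines, 1):
        fields = line.split()
        if len(fields) < 5:          # malformed line, skip rather than guess
            continue
        parsed = urlparse(fields[3])
        host = (parsed.hostname or "").lower()   # hostname matching is case-insensitive
        if host in hosts:
            strength = "host+path" if parsed.path in paths else "host"
            hits.append((number, host, strength))
    return hits


def hash_bytes(data):
    """Compute the four digests the report lists, so a local file can be compared."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def is_reported_sample(data, expected=SAMPLE_HASHES):
    """True only if every digest matches the report (a single mismatch is a different file)."""
    return hash_bytes(data) == expected


if __name__ == "__main__":
    for hit in match_proxy_log(SAMPLE_PROXY_LOG):
        print("C2 contact:", hit)
    print("constructed bytes are the reported sample:", is_reported_sample(b"not the sample"))
```

The host/path split matters for triage: several of the C2 hosts above look like ordinary third-party websites rather than attacker-registered infrastructure (note the `wp-smarts.php` path), so a request to one of these hosts with an unrelated path is a lead to investigate, while a hit on both host and the exact `.php` path is strong evidence of a check-in to this botnet.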

Targets

    • Target

      SecuriteInfo.com.ML.PE-A.22138

    • Size

      652KB

    • MD5

      b260df424a528921e9f544af273c3849

    • SHA1

      85d12847d2ceefcd5ddd88c0c03b0d98bb9afc86

    • SHA256

      a35b96696f5c7adc5aa856859d37e92c323b2be68c0f8d2704a4ab689ffd12b2

    • SHA512

      d2327adb91949c707058ba910fed2634c631b82624127ac9d3d051a00edafbff50c19e89b39b2aee0197e1ff05dba9d3bc8e038d50cc1d5af0c3506952989ad1

    Score
    10/10
    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader (also tracked as Terdot, DELoader and ZeusSphinx) is a banking trojan and loader derived from the leaked Zeus source code; it was first observed in August 2015.

MITRE ATT&CK Matrix

Tasks