General

  • Target

    ggf.dll

  • Size

    667KB

  • Sample

    201027-twnd1e8fx6

  • MD5

    3f4b7d537973a560df0898d821697f85

  • SHA1

    a811b3af1cd710cb175e27faf97a66cf51ec18af

  • SHA256

    bc8dc839be99fa4411ee9b7fb8e042095a324d0d1400ca1545924894ec143ec5

  • SHA512

    e65a94d4b4a18ac4ac2fe722e2d6098f9b78b0d9b4f702977e2baff823f7c6b4c4a536de18c635d25662ae768efbee90b659073262196d36add52a5dec9ea498

Malware Config

Extracted

Family

zloader

Botnet

dll26

Campaign

dll26

C2

https://eecakesconf.at/web982/gate.php

rc4.plain
rsa_pubkey.plain

Targets

    Score
    10/10
    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain first observed in August 2015.
