zloader | 4bffd7619d03a2cf8d32bd987364e883230480db0eb10daa626a00fafcc3d4af | Triage

Sharing

General

Target

ssf.zip
Size

327KB
Sample

201030-5ynlfr8qfj
MD5

5e64ad0318935b55837f5e80aacab139
SHA1

43b98ae51719bcad89bfbe59035ddb3d896601b9
SHA256

4bffd7619d03a2cf8d32bd987364e883230480db0eb10daa626a00fafcc3d4af
SHA512

7258bfd418a7767e6ad629dda1f1ac2afe10bea014df48caadeb1dc58d48b0cafb3caf0600b066aab80e6b7183fe040d2441efdb970b025ac0907ddc5d620e1d

Score

10^/10

zloader botnet1 new_1 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

Botnet1

Campaign

new_1

C2

https://representis.xyz/noagate.php

https://representis.icu/noagate.php

rc4.plain

Targets

- Target
  
  ssf.dll
- Size
  
  438KB
- MD5
  
  8688f0253256e5c6cfc27a3801e6077b
- SHA1
  
  9364679fa1142dd15759fc22ed3d15b65ab447b2
- SHA256
  
  1ea43f2b7589f266a7574e987b3a5c80634060fc2d1fe0eae77410c76dea326c
- SHA512
  
  e7c6256b57869817dade08cb8ef706fa688e27f1d6cda8894c7bd19e4abf23149d83347d3748f9cee08cb3333282ff295291700484f5b2b3d9834b684b9c7aa9
Score

10^/10

zloader botnet1 new_1 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloaderbotnet1new_1botnettrojan

behavioral2

zloaderbotnet1new_1botnettrojan