zloader | 5a5948b7d3be846d561f5b6631715e3ab3f25b129519b2305a18b6169372fb9a

Resubmissions

08-12-2023 11:25

231208-njeg9abd25 10

31-10-2020 10:26

201031-67r2e9htne 10

Sharing

Copy URL

Twitter E-mail

General

Target

april17.zip
Size

339KB
Sample

201031-67r2e9htne
MD5

2b9dbe477989a3423cc772bfec1ccd24
SHA1

dc61fa01eb809375185d2f9ffe39b0f689829c83
SHA256

5a5948b7d3be846d561f5b6631715e3ab3f25b129519b2305a18b6169372fb9a
SHA512

4bdf00ce026015ab22afd3158ce54c7900ad978cd50285d386bb91beb06b0050ecfa4b0cef25d68874a92af400434fb5a3c4707a2c0d146e087b93cc24ce2185

Score

10^/10

Malware Config

Extracted

Family

zloader

Botnet

apr17

Campaign

spam

http://wmwifbajxxbcxmucxmlc.com/post.php

http://ojnxjgfjlftfkkuxxiqd.com/post.php

http://pwkqhdgytsshkoibaake.com/post.php

http://snnmnkxdhflwgthqismb.com/post.php

http://iawfqecrwohcxnhwtofa.com/post.php

http://nlbmfsyplohyaicmxhum.com/post.php

http://fvqlkgedqjiqgapudkgq.com/post.php

http://cmmxhurildiigqghlryq.com/post.php

http://nmqsmbiabjdnuushksas.com/post.php

http://fyratyubvflktyyjiqgq.com/post.php

rc4.plain

Targets

- Target
  
  april17.dll
- Size
  
  446KB
- MD5
  
  cd39fa1ea4f0c4c9c2dd8492ff597250
- SHA1
  
  8bae4934e78c738ed60f631bc67db34604d35818
- SHA256
  
  372bae872e2a2180f04ff14f8fb9f769d733cb4608d37e2bf6e61fee5d396018
- SHA512
  
  a0d3d131f1be227c6617fdea3a79c0c07427fa855273534951cd6da87d49a7fabf636ae4e109541e680536920fb2a4cfc48b961ff10e2ad13e81adb396dc1371
Score

10^/10

zloader apr17 spam botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Blacklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Zloader, Terdot, DELoader, ZeusSphinx

Blacklisted process makes network request

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2