Resubmissions
31-10-2020 05:41
201031-a4vqedhr2n 10General
-
Target
ZnVmZdD.zip
-
Size
354KB
-
Sample
201031-a4vqedhr2n
-
MD5
6705b8b83b7fb6eaad72f6939640b29f
-
SHA1
0a3702cb48bb5b491e0d9f78c2fbf4c39565d30d
-
SHA256
6d63bbc66801b9842d93edb1ebb0bae46a7218dceb83328f27deb5f3ad0f974b
-
SHA512
7b8bc47007f7bce44276a430de8e56403e1b60cbc2fef15c434b106ae84c3f217dfbf09d876f77cb574eb3be3e74e47d3f2b720439e73237ba7b6749b0061169
Malware Config
Extracted
zloader
Apr14
Spam
http://wmwifbajxxbcxmucxmlc.com/post.php
http://ojnxjgfjlftfkkuxxiqd.com/post.php
http://pwkqhdgytsshkoibaake.com/post.php
http://snnmnkxdhflwgthqismb.com/post.php
http://iawfqecrwohcxnhwtofa.com/post.php
http://nlbmfsyplohyaicmxhum.com/post.php
http://fvqlkgedqjiqgapudkgq.com/post.php
http://cmmxhurildiigqghlryq.com/post.php
http://nmqsmbiabjdnuushksas.com/post.php
http://fyratyubvflktyyjiqgq.com/post.php
Targets
-
-
Target
ZnVmZdD.dll
-
Size
539KB
-
MD5
a070bb84c2735c67a3f6154dc403f7d0
-
SHA1
fac8a42c17a0f19760a8596980707278de24556c
-
SHA256
4553d627f2509e19e9b84491c08ec9854d785df4f74e900b969c57ccd244c086
-
SHA512
bd32cd6ae1caea1722bf0df36a6952ba9381afcd45423231a761b8df692c3364172ea04637fc9a8a242a1a363931db8248c89024aace5b65383eeabbdcd4f7db
Score10/10-
Zloader, Terdot, DELoader, ZeusSphinx
Zloader is a malware strain that was initially discovered back in August 2015.
-
Blacklisted process makes network request
-
Suspicious use of SetThreadContext
-