zloader | d73871ac75496c6892613fbcda7bb4ad9f3bc868a134933b640699f8d8da53ca | Triage

Sharing

General

Target

order_00588_pay.rar
Size

292KB
Sample

201101-c65j86bnzj
MD5

75d2fed737e66dd5f524043bd0e99b55
SHA1

3930debcaa8745b5a66f55bae9190423b5313fbd
SHA256

d73871ac75496c6892613fbcda7bb4ad9f3bc868a134933b640699f8d8da53ca
SHA512

f72ba481ddb4a2469abbe7e313a6b5d6ab28fbe5bd1c150b9b3c2137d0a4fb69154dcb854e0a834628cbefd29d75a18e491a7ee4df145567232bc8ea7fec18c3

Score

10^/10

zloader r1 r1 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

r1

Campaign

r1

C2

https://notsweets.net/LKhwojehDgwegSDG/gateJKjdsh.php

https://olpons.com/LKhwojehDgwegSDG/gateJKjdsh.php

https://karamelliar.org/LKhwojehDgwegSDG/gateJKjdsh.php

https://dogrunn.com/LKhwojehDgwegSDG/gateJKjdsh.php

https://azoraz.net/LKhwojehDgwegSDG/gateJKjdsh.php

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  order_00588_pay.rar
- Size
  
  292KB
- MD5
  
  75d2fed737e66dd5f524043bd0e99b55
- SHA1
  
  3930debcaa8745b5a66f55bae9190423b5313fbd
- SHA256
  
  d73871ac75496c6892613fbcda7bb4ad9f3bc868a134933b640699f8d8da53ca
- SHA512
  
  f72ba481ddb4a2469abbe7e313a6b5d6ab28fbe5bd1c150b9b3c2137d0a4fb69154dcb854e0a834628cbefd29d75a18e491a7ee4df145567232bc8ea7fec18c3
Score

10^/10

zloader r1 r1 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

zloaderr1r1botnettrojan