General
Target: order_00588_pay.rar
Size: 292KB
Sample: 201101-c65j86bnzj
MD5: 75d2fed737e66dd5f524043bd0e99b55
SHA1: 3930debcaa8745b5a66f55bae9190423b5313fbd
SHA256: d73871ac75496c6892613fbcda7bb4ad9f3bc868a134933b640699f8d8da53ca
SHA512: f72ba481ddb4a2469abbe7e313a6b5d6ab28fbe5bd1c150b9b3c2137d0a4fb69154dcb854e0a834628cbefd29d75a18e491a7ee4df145567232bc8ea7fec18c3
Static task: static1
Behavioral task: behavioral1
Sample: order_00588_pay.rar.exe
Resource: win7v20201028
Malware Config
Extracted
Family: zloader
Botnet: r1
Campaign: r1
C2:
https://notsweets.net/LKhwojehDgwegSDG/gateJKjdsh.php
https://olpons.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://karamelliar.org/LKhwojehDgwegSDG/gateJKjdsh.php
https://dogrunn.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://azoraz.net/LKhwojehDgwegSDG/gateJKjdsh.php
rc4.plain:
rsa_pubkey.plain:
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation