General

  • Target

    4a30275f14f80c6e11d5a253d7d004eda98651010e0aa47f744cf4105d1676ab

  • Size

    524KB

  • Sample

    201106-9sxjh7tvxj

  • MD5

    4aa199c19c28cd1d176b7f6ff59bd713

  • SHA1

    ec321c45f365ad178bbbef4f873578ffc52b6114

  • SHA256

    4a30275f14f80c6e11d5a253d7d004eda98651010e0aa47f744cf4105d1676ab

  • SHA512

    b764a3378677a4d7ceba3d57442b98028581c0c2841bdac287c5caced0f350638a2c1c0a6136873d29627420b208789873c0d5a5ad4d28e3f1e3758e3a12a6f5

Malware Config

Extracted

Family

zloader

Botnet

googleaktualizacija

Campaign

googleaktualizacija1

C2

https://iqowijsdakm.ru/gate.php

https://wiewjdmkfjn.ru/gate.php

https://dksaoidiakjd.su/gate.php

https://iweuiqjdakjd.su/gate.php

https://yuidskadjna.su/gate.php

https://olksmadnbdj.su/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

rc4.plain
rsa_pubkey.plain

Targets

    • Target

      4a30275f14f80c6e11d5a253d7d004eda98651010e0aa47f744cf4105d1676ab

    • Size

      524KB

    • MD5

      4aa199c19c28cd1d176b7f6ff59bd713

    • SHA1

      ec321c45f365ad178bbbef4f873578ffc52b6114

    • SHA256

      4a30275f14f80c6e11d5a253d7d004eda98651010e0aa47f744cf4105d1676ab

    • SHA512

      b764a3378677a4d7ceba3d57442b98028581c0c2841bdac287c5caced0f350638a2c1c0a6136873d29627420b208789873c0d5a5ad4d28e3f1e3758e3a12a6f5

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

MITRE ATT&CK Matrix

Tasks