zloader | c653365657fbf65429ad845d0a0d93106e972aca929739560ff4b4796bd2be08 | Triage

Resubmissions

08-12-2023 10:51

231208-mx9pwaag87 10

09-11-2020 20:51

201109-gphgcqnz6n 10

Sharing

General

Target

june9.dll
Size

491KB
Sample

201109-gphgcqnz6n
MD5

f8a7273ef763776e5612ac1f47f6d405
SHA1

c51f2a884c024e442c1ae0d9bf9511c96a1fa02c
SHA256

c653365657fbf65429ad845d0a0d93106e972aca929739560ff4b4796bd2be08
SHA512

5ea060662350237d38d2c6a3c1da5fd7aeec6c05e71cdbb2725fcac47ad8e5c9568adc937329397108ab0cecdf29e9a811ab7e183884dd3044d7c5a6089f88aa

Score

10^/10

zloader june08 june botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

June08

Campaign

June

C2

http://snnmnkxdhflwgthqismb.com/post.php

http://nlbmfsyplohyaicmxhum.com/post.php

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  june9.dll
- Size
  
  491KB
- MD5
  
  f8a7273ef763776e5612ac1f47f6d405
- SHA1
  
  c51f2a884c024e442c1ae0d9bf9511c96a1fa02c
- SHA256
  
  c653365657fbf65429ad845d0a0d93106e972aca929739560ff4b4796bd2be08
- SHA512
  
  5ea060662350237d38d2c6a3c1da5fd7aeec6c05e71cdbb2725fcac47ad8e5c9568adc937329397108ab0cecdf29e9a811ab7e183884dd3044d7c5a6089f88aa
Score

10^/10

zloader june08 june botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloaderjune08junebotnettrojan

behavioral2

zloaderbotnettrojan