zloader | 0829886e0ca34a32fa545e0a53d7a2208d963b7b826a14aefde94d9ff4f549e5 | Triage

Resubmissions

09-11-2020 20:43

201109-j4enps2882 10

Sharing

General

Target

june9.dll
Size

491KB
Sample

201109-j4enps2882
MD5

ac14aff179621af15cee44be450abeaf
SHA1

506f12db29a31402f06d0ba84c359d6b20b6ab2f
SHA256

0829886e0ca34a32fa545e0a53d7a2208d963b7b826a14aefde94d9ff4f549e5
SHA512

7a8419a80c41c453ee7f1b9ea483c6eb83f80a02500983aad3e519ea59a46f68ed3f316073869ea5e01c1e46eedac92a36a5ba958995e60ee767e64669f1f25c

Score

10^/10

zloader june08 june botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

June08

Campaign

June

C2

http://snnmnkxdhflwgthqismb.com/post.php

http://nlbmfsyplohyaicmxhum.com/post.php

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  june9.dll
- Size
  
  491KB
- MD5
  
  ac14aff179621af15cee44be450abeaf
- SHA1
  
  506f12db29a31402f06d0ba84c359d6b20b6ab2f
- SHA256
  
  0829886e0ca34a32fa545e0a53d7a2208d963b7b826a14aefde94d9ff4f549e5
- SHA512
  
  7a8419a80c41c453ee7f1b9ea483c6eb83f80a02500983aad3e519ea59a46f68ed3f316073869ea5e01c1e46eedac92a36a5ba958995e60ee767e64669f1f25c
Score

10^/10

zloader june08 june botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloaderjune08junebotnettrojan

behavioral2

zloaderbotnettrojan