General

  • Target

    y.dll

  • Size

    943KB

  • Sample

    201109-jhynv6gphj

  • MD5

    62c04a23f403f3d431198326448ffc24

  • SHA1

    dfa20b8e4a4725f37698c15ef5e50b3badffd3d4

  • SHA256

    cc32eb0fb5c35376f69a3d6b81fdb339309d06d80a2cffa2604e21012ac33c18

  • SHA512

    e26b2b60b2edaa21530f065e0ba06e63371a8c80dbc65e648c0bcfa311d3180d0e93a3278446458b3d44d2260518ba44c8dd8c44ccb1778eda0fc027d65f3cba

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    miguel

  • Campaign

    20/05

  • C2

    https://letssihamra.gq/wp-parser.php
    https://puffmenscourtcomenthy.tk/wp-parser.php
    https://thurlopetnyi.cf/wp-parser.php
    http://blog.menusmile.com/wp-parser.php
    http://setindgrp.com/wp-parser.php

  • rc4.plain

Targets

    • Target

      y.dll

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

    • Suspicious use of SetThreadContext
