Overview

overview

10

Static

static

9

SecuriteIn...69.dll

windows7_x64

10

SecuriteIn...69.dll

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Generic.mg.cde56cf0169830ee.29869

  • Size

    486KB

  • Sample

    201109-p28jm7xbtn

  • MD5

    cde56cf0169830ee0059ee385c0c5eaf

  • SHA1

    08aacb48ffcdc6b49af18d01155982984de230f7

  • SHA256

    cb762227729d0faadc4c33a4a55b513673a9c76284773535b0e07d7e47d8413e

  • SHA512

    234ddd4191c1abdfe04d9cc1afe2fed2901ef4d38404d0568a356218bc62096d200dd8ec28c8980da4a5852b0a481bf698b244f51d13560b303285b99105b3dd

Score
10/10
zloader05/05https://rswtgmhf.pw/wp-config.phpbotnetcryptonepackertrojan

Malware Config

Extracted

Family

zloader

Botnet

05/05

Campaign

https://rswtgmhf.pw/wp-config.php

C2

https://fwgdhdln.icu/wp-config.php

rc4.plain

Targets

    • Target

      SecuriteInfo.com.Generic.mg.cde56cf0169830ee.29869

    • Size

      486KB

    • MD5

      cde56cf0169830ee0059ee385c0c5eaf

    • SHA1

      08aacb48ffcdc6b49af18d01155982984de230f7

    • SHA256

      cb762227729d0faadc4c33a4a55b513673a9c76284773535b0e07d7e47d8413e

    • SHA512

      234ddd4191c1abdfe04d9cc1afe2fed2901ef4d38404d0568a356218bc62096d200dd8ec28c8980da4a5852b0a481bf698b244f51d13560b303285b99105b3dd

    Score
    10/10
    zloader05/05https://rswtgmhf.pw/wp-config.phpbotnettrojan

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks