zloader | 1b4e008beb2b395e53648c9a246ecafcb3df0543c5236a40cdb976a2007bbf97 | Triage

Sharing

General

Target

SecuriteInfo.com.Trojan.Dridex.704.28108.28988
Size

647KB
Sample

201109-qwxeehzdje
MD5

979310d723bfe499e26f9d1c773eb567
SHA1

4bbac2dc71b965de292f96cb1b711d7ae979f534
SHA256

1b4e008beb2b395e53648c9a246ecafcb3df0543c5236a40cdb976a2007bbf97
SHA512

864484d606a1332606ba33130099f5eaa26dc03979fe6857b588094295bbce3bf83905e6cc57221155d8fecafa63600ec4dd633af956e83272dc873ca55e02db

Score

10^/10

zloader bot5 bot5 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

bot5

Campaign

bot5

C2

https://militanttra.at/owg.php

rc4.plain

Targets

- Target
  
  SecuriteInfo.com.Trojan.Dridex.704.28108.28988
- Size
  
  647KB
- MD5
  
  979310d723bfe499e26f9d1c773eb567
- SHA1
  
  4bbac2dc71b965de292f96cb1b711d7ae979f534
- SHA256
  
  1b4e008beb2b395e53648c9a246ecafcb3df0543c5236a40cdb976a2007bbf97
- SHA512
  
  864484d606a1332606ba33130099f5eaa26dc03979fe6857b588094295bbce3bf83905e6cc57221155d8fecafa63600ec4dd633af956e83272dc873ca55e02db
Score

10^/10

zloader bot5 bot5 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloaderbot5bot5botnettrojan

behavioral2

zloaderbotnettrojan