zloader | ccf1e6416673f50f016cfa1658e9dd29793195b9bc701fedc1218d122faeb6b2 | Triage

Sharing

General

Target

SecuriteInfo.com.Generic.mg.508d23fb6e75776e.15437
Size

720KB
Sample

201109-sr8hdecza6
MD5

508d23fb6e75776e4944233034547ce8
SHA1

5dfc4bfa864e502ba0f4ac4db9c2a506ead11627
SHA256

ccf1e6416673f50f016cfa1658e9dd29793195b9bc701fedc1218d122faeb6b2
SHA512

3cf8ca13fb27002df3535dcc6efaf95770383da0c8ef4dba12a694e205b1e8aa68c620e13d958e2cd91ec7068c891450f752d958a11e4c69abbaa5fd6c062691

Score

10^/10

zloader miguel 15/05 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

miguel

Campaign

15/05

C2

https://luxiyouyue.club/wp-parser.php

https://aapasifik.com/wp-parser.php

http://zylstudio.com/wp-parser.php

https://caodangyduochanoi1.edu.vn/wp-parser.php

https://butterfly-crm.solusaas.com/wp-parser.php

http://karkas24.site/wp-parser.php

rc4.plain

Targets

- Target
  
  SecuriteInfo.com.Generic.mg.508d23fb6e75776e.15437
- Size
  
  720KB
- MD5
  
  508d23fb6e75776e4944233034547ce8
- SHA1
  
  5dfc4bfa864e502ba0f4ac4db9c2a506ead11627
- SHA256
  
  ccf1e6416673f50f016cfa1658e9dd29793195b9bc701fedc1218d122faeb6b2
- SHA512
  
  3cf8ca13fb27002df3535dcc6efaf95770383da0c8ef4dba12a694e205b1e8aa68c620e13d958e2cd91ec7068c891450f752d958a11e4c69abbaa5fd6c062691
Score

10^/10

zloader miguel 15/05 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloadermiguel15/05botnettrojan

behavioral2

zloaderbotnettrojan