General
-
Target
bbc.dll
-
Size
473KB
-
Sample
201109-sw99aczdse
-
MD5
9f19f347cdd95dc752d52f2388742956
-
SHA1
f449da597b5e27bf11669f7e40b7cbbc6997087e
-
SHA256
d4678fbba0cf64f91a7844884e17126a2c4095c478d52fe2fa549692b557cca7
-
SHA512
15fc3b7b9fada3c7c02d88f00e0da777397f9d8abeed36f05badad060153a4d89032a90e1748251cccf697e4bcea39dab4a366f8097add2bd309c419601f517f
Malware Config
Extracted
zloader
bot5
bot5
https://militanttra.at/owg.php
Targets
-
-
Target
bbc.dll
-
Size
473KB
-
MD5
9f19f347cdd95dc752d52f2388742956
-
SHA1
f449da597b5e27bf11669f7e40b7cbbc6997087e
-
SHA256
d4678fbba0cf64f91a7844884e17126a2c4095c478d52fe2fa549692b557cca7
-
SHA512
15fc3b7b9fada3c7c02d88f00e0da777397f9d8abeed36f05badad060153a4d89032a90e1748251cccf697e4bcea39dab4a366f8097add2bd309c419601f517f
Score10/10-
Zloader, Terdot, DELoader, ZeusSphinx
Zloader is a malware strain that was initially discovered back in August 2015.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-