zloader | 385be4267e9aaadfb82815d54dde7fccbd0d1b843aa3c4062ef752a9378ae02e | Triage

Sharing

General

Target

a.dll
Size

970KB
Sample

201109-w271b1jtzn
MD5

dd1900c39145034cc7e78e3ef8bfc2a8
SHA1

5597ab4de1ceed30abd713b17ed3ff35c14ea86b
SHA256

385be4267e9aaadfb82815d54dde7fccbd0d1b843aa3c4062ef752a9378ae02e
SHA512

374d4511bde3632a8e875566390e26896bf17e379d4c3a482e07154e1f7536807ac9234f4a25a1b627a7d8603ce722705793f3a868480ef75307712b1d586359

Score

10^/10

zloader miguel 25/05 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

miguel

Campaign

25/05

C2

https://tentrhetarav.gq/wp-parser.php

https://slidirinisprec.ml/wp-parser.php

https://iedison.vip/wp-parser.php

https://financiallifecoaching.com/wp-parser.php

https://fly2go.cn/wp-parser.php

rc4.plain

Targets

- Target
  
  a.dll
- Size
  
  970KB
- MD5
  
  dd1900c39145034cc7e78e3ef8bfc2a8
- SHA1
  
  5597ab4de1ceed30abd713b17ed3ff35c14ea86b
- SHA256
  
  385be4267e9aaadfb82815d54dde7fccbd0d1b843aa3c4062ef752a9378ae02e
- SHA512
  
  374d4511bde3632a8e875566390e26896bf17e379d4c3a482e07154e1f7536807ac9234f4a25a1b627a7d8603ce722705793f3a868480ef75307712b1d586359
Score

10^/10

zloader miguel 25/05 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloadermiguel25/05botnettrojan

behavioral2

zloaderbotnettrojan