zloader | 207465ded4b4538b319e22188fdcfe0f42480386e77be00582192b58dcd7e0ac | Triage

Sharing

General

Target

slk.dll
Size

664KB
Sample

201109-wrb9py2c6s
MD5

ca726cc5232ba8ea7c241db090e0b659
SHA1

9a68634ee3351317b44ff6a8db0adf1bcd8ee0fb
SHA256

207465ded4b4538b319e22188fdcfe0f42480386e77be00582192b58dcd7e0ac
SHA512

7157f93c91697b7f1603016843340fac170d5b56bd5fc5be7332caff9d7686f9a51a0b13d7f1394c4803fe812517f0b1f0536f6290059c8bcdebdf997b6b656b

Score

10^/10

zloader bot5 bot5 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

bot5

Campaign

bot5

C2

https://militanttra.at/owg.php

rc4.plain

Targets

- Target
  
  slk.dll
- Size
  
  664KB
- MD5
  
  ca726cc5232ba8ea7c241db090e0b659
- SHA1
  
  9a68634ee3351317b44ff6a8db0adf1bcd8ee0fb
- SHA256
  
  207465ded4b4538b319e22188fdcfe0f42480386e77be00582192b58dcd7e0ac
- SHA512
  
  7157f93c91697b7f1603016843340fac170d5b56bd5fc5be7332caff9d7686f9a51a0b13d7f1394c4803fe812517f0b1f0536f6290059c8bcdebdf997b6b656b
Score

10^/10

zloader bot5 bot5 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloaderbot5bot5botnettrojan

behavioral2

zloaderbot5bot5botnettrojan