zloader | bb0063629c3a51ea01a188e9f89e0a8b2ca68030d0cdaac6bd84cd100007cfc3 | Triage

Sharing

General

Target

SecuriteInfo.com.Trojan.Dridex.704.22500.31078
Size

647KB
Sample

201109-y269dvpwfs
MD5

cd63f0981882dc0eae43d92879b23b90
SHA1

71eb9e3940d1353930f9c006c5757f588a6d0d28
SHA256

bb0063629c3a51ea01a188e9f89e0a8b2ca68030d0cdaac6bd84cd100007cfc3
SHA512

a3c14d37081861be863f99d044c18bf3aede33c9265e845b55eb5c870d8b368f7eb39a499e699165c3e57661475430d9a38b299b8a063f79314b85038a260748

Score

10^/10

zloader bot5 bot5 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

bot5

Campaign

bot5

C2

https://militanttra.at/owg.php

rc4.plain

Targets

- Target
  
  SecuriteInfo.com.Trojan.Dridex.704.22500.31078
- Size
  
  647KB
- MD5
  
  cd63f0981882dc0eae43d92879b23b90
- SHA1
  
  71eb9e3940d1353930f9c006c5757f588a6d0d28
- SHA256
  
  bb0063629c3a51ea01a188e9f89e0a8b2ca68030d0cdaac6bd84cd100007cfc3
- SHA512
  
  a3c14d37081861be863f99d044c18bf3aede33c9265e845b55eb5c870d8b368f7eb39a499e699165c3e57661475430d9a38b299b8a063f79314b85038a260748
Score

10^/10

zloader bot5 bot5 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloaderbot5bot5botnettrojan

behavioral2

zloaderbotnettrojan