zloader | 5cb7f1eb5a3bc9d05896b7691f88b58c029580b5f24d2726706c680b710f0b94 | Triage

Sharing

General

Target

5cb7f1eb5a3bc9d05896b7691f88b58c029580b5f24d2726706c680b710f0b94
Size

187KB
Sample

201110-wy7bd4m996
MD5

333a0ed230fa3bb26e7a432783b19cb5
SHA1

b0ac79853c713283ee34bb31940b2d2954f6f223
SHA256

5cb7f1eb5a3bc9d05896b7691f88b58c029580b5f24d2726706c680b710f0b94
SHA512

d0c30d67c42b4b610fa882fdff05059857735269b3623fbb92ea57438ccb08b914c6a0de4c5cf343aeb1d02914231a3c097beb02daa03d2d59bc42293305060b

Score

10^/10

zloader miguel 20/04 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

miguel

Campaign

20/04

C2

https://dcaiqjgnbt.icu/wp-config.php

https://nmttxggtb.press/wp-config.php

rc4.plain

Targets

- Target
  
  5cb7f1eb5a3bc9d05896b7691f88b58c029580b5f24d2726706c680b710f0b94
- Size
  
  187KB
- MD5
  
  333a0ed230fa3bb26e7a432783b19cb5
- SHA1
  
  b0ac79853c713283ee34bb31940b2d2954f6f223
- SHA256
  
  5cb7f1eb5a3bc9d05896b7691f88b58c029580b5f24d2726706c680b710f0b94
- SHA512
  
  d0c30d67c42b4b610fa882fdff05059857735269b3623fbb92ea57438ccb08b914c6a0de4c5cf343aeb1d02914231a3c097beb02daa03d2d59bc42293305060b
Score

10^/10

zloader miguel 20/04 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

miguel20/04zloader

behavioral1

zloadermiguel20/04botnettrojan

behavioral2

zloadermiguel20/04botnettrojan