General

  • Target

    Yard.dll

  • Size

    400KB

  • Sample

    201112-z977gmmfnx

  • MD5

    3cf481ccbb1019894fcbacb554f3bda1

  • SHA1

    63c11153ab0afb36703723c5121cd0e9b48ac6e8

  • SHA256

    c8c5815fe4a06a752e51f79332a393db1f91a8e39b67899aa996e4ca76cfa675

  • SHA512

    628e34581b3ebc7645639f2e6da19ce15afb794cc032e99d895841eecef0bd372da27895a9485bb18630864b921c1239fa6e4904d6bd6f54ca80a220a3fe66d0

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    nut

  • Campaign

    12/11

  • C2

    https://tfbuildingjoinery.co.uk/robots.php
    https://globalpacificproperties.com.au/terms.php
    https://www.loonybinforum.com/errors.php
    https://luminousintent.com.au/wp-smarts.php
    https://espazioabierto.com/wp-smarts.php
    https://racriporrosepo.tk/wp-smarts.php

  • Attributes

    rc4.plain
    rsa_pubkey.plain
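The C2 list above is the most immediately actionable part of the extracted config. Several of the hosts look like ordinary compromised websites rather than attacker-owned infrastructure, so a host-only match is weaker evidence than a match on the full beacon endpoint (host plus script path). The script below is an added example, not part of the original report or of any sandbox tooling; it takes the six C2 URLs exactly as listed here, and runs them over a handful of constructed proxy log lines in a hypothetical space-separated format (`<epoch> <client_ip> <method> <url> <status>`), reporting exact endpoint matches as `c2` and visits to a listed host on some other path as `host-only`. Scheme, port, host case and query string are normalised away so that an `http://` retry or a `:443` suffix in the log does not hide a hit.

```python
"""Match the Zloader C2 endpoints from the extracted config against proxy logs.

Added example. The C2 URLs are the ones listed in the report; the log
lines and the log format are constructed for illustration only.
"""
import re
from urllib.parse import urlsplit

# C2 URLs exactly as listed in the extracted config.
C2_URLS = [
    "https://tfbuildingjoinery.co.uk/robots.php",
    "https://globalpacificproperties.com.au/terms.php",
    "https://www.loonybinforum.com/errors.php",
    "https://luminousintent.com.au/wp-smarts.php",
    "https://espazioabierto.com/wp-smarts.php",
    "https://racriporrosepo.tk/wp-smarts.php",
]


def _endpoint(url):
    """Normalise a URL to (lowercase host, path); scheme, port and query are dropped."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()  # .hostname strips the port and lowercases
    path = parts.path or "/"
    return host, path


# Full beacon endpoints (high confidence) and the bare hosts (lower confidence).
C2_ENDPOINTS = {_endpoint(u) for u in C2_URLS}
C2_HOSTS = {host for host, _ in C2_ENDPOINTS}

# Constructed log lines in a hypothetical format: <epoch> <client_ip> <method> <url> <status>
SAMPLE_LOG = """\
1607702400.123 10.0.0.15 POST https://tfbuildingjoinery.co.uk/robots.php 200
1607702401.456 10.0.0.15 GET https://tfbuildingjoinery.co.uk/ 200
1607702402.789 10.0.0.22 GET https://example.com/robots.php 200
1607702403.012 10.0.0.31 POST https://ESPAZIOABIERTO.com:443/wp-smarts.php 200
1607702404.345 10.0.0.31 GET http://racriporrosepo.tk/wp-smarts.php?id=1 404
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+(?P<method>[A-Z]+)\s+(?P<url>\S+)\s+(?P<status>\d{3})$"
)


def classify(url):
    """Return 'c2' for an exact endpoint match, 'host-only' for a listed host on
    another path (possibly legitimate traffic to a compromised site), else 'none'."""
    host, path = _endpoint(url)
    if host not in C2_HOSTS:
        return "none"
    if (host, path) in C2_ENDPOINTS:
        return "c2"
    return "host-only"


def scan(log_text):
    """Parse each log line and return the matching records in log order."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        verdict = classify(m["url"])
        if verdict != "none":
            hits.append(
                {
                    "ts": m["ts"],
                    "client": m["client"],
                    "method": m["method"],
                    "url": m["url"],
                    "verdict": verdict,
                }
            )
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f"{hit['verdict']:9} {hit['client']:12} {hit['method']:4} {hit['url']}")
```

In a real hunt, a `c2` match from a client that also shows repeated POSTs to the same script is the record to pivot on; a `host-only` match from a user who simply browsed the compromised site is expected noise and should be triaged, not blocked outright.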

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader (also tracked as Terdot, DELoader and ZeusSphinx) is a Zeus-derived banking trojan first observed in August 2015.

MITRE ATT&CK Matrix

Tasks