zloader | b55ba44eb57fc9460e1bb6a80d7a528cb1969862eaf1c8954c7bd611f03bfbbb | Triage

Sharing

General

Target

r10959_order.zip
Size

136KB
Sample

201116-1vt1nfla6n
MD5

6179c6a9aa4b230a8c58b103b226d8be
SHA1

84337f3a0f66819c14d646550c80d50592b5c77d
SHA256

b55ba44eb57fc9460e1bb6a80d7a528cb1969862eaf1c8954c7bd611f03bfbbb
SHA512

43cb06da076dc9b91bf58916736e941241e0b9f0380fc12ba7c240c199668e6779bf7fdea82c79185c12e564cbcff500f33d88a17ca310ba9e1b6d93d25ca316

Score

10^/10

zloader r1 r1 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

r1

Campaign

r1

C2

https://notsweets.net/LKhwojehDgwegSDG/gateJKjdsh.php

https://olpons.com/LKhwojehDgwegSDG/gateJKjdsh.php

https://karamelliar.org/LKhwojehDgwegSDG/gateJKjdsh.php

https://dogrunn.com/LKhwojehDgwegSDG/gateJKjdsh.php

https://azoraz.net/LKhwojehDgwegSDG/gateJKjdsh.php

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  r10959_order.exe
- Size
  
  169KB
- MD5
  
  b3ef69a050bf821cabe2bd39b24a7e6c
- SHA1
  
  1462324750e0657704806dbb84946a0ec4fbc49c
- SHA256
  
  302145b6f26034c16b5d317c457e1ddf3d24f057ccd25ba5ffc8465527e0ed02
- SHA512
  
  d9bb96f338badce73979be6c930809324357517b1b28cca725dd53d0a0b142ffba822f514e60e2110d116581f5cae8b57127ede635f1f7356fdd757cd9c3d4ac
Score

10^/10

zloader r1 r1 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloaderr1r1botnettrojan

behavioral2