Overview

overview

10

Static

static

9269a94774...a1.dll

windows7_x64

10

9269a94774...a1.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9269a94774598c3cec7c7c7654dd81a1

  • Size

    523KB

  • Sample

    201117-7ee1c6xwjs

  • MD5

    99dbb0f00c0a4a675ff967249b417903

  • SHA1

    abe0287899a323ec57bacee9edbc85ae7ec0ea30

  • SHA256

    cbe76b68ade1838441294ffc661c7f7329bd26c04de70e4d22c7bfb87ed3c943

  • SHA512

    be518a608d43148d203823f2720ec144b33f2a85e21556e128f6ab0cd079c44af23b0f97fcb6e7d172bfd11be4703b1883a6a6ed1ecc75f8631881b8c5cb76e7

Score
10/10
zloadergoogleaktualizacijagoogleaktualizacija1botnettrojan

Malware Config

Extracted

Family

zloader

Botnet

googleaktualizacija

Campaign

googleaktualizacija1

C2

https://iqowijsdakm.ru/gate.php

https://wiewjdmkfjn.ru/gate.php

https://dksaoidiakjd.su/gate.php

https://iweuiqjdakjd.su/gate.php

https://yuidskadjna.su/gate.php

https://olksmadnbdj.su/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php
rc4.plain
rsa_pubkey.plain

Targets

    • Target

      9269a94774598c3cec7c7c7654dd81a1

    • Size

      523KB

    • MD5

      99dbb0f00c0a4a675ff967249b417903

    • SHA1

      abe0287899a323ec57bacee9edbc85ae7ec0ea30

    • SHA256

      cbe76b68ade1838441294ffc661c7f7329bd26c04de70e4d22c7bfb87ed3c943

    • SHA512

      be518a608d43148d203823f2720ec144b33f2a85e21556e128f6ab0cd079c44af23b0f97fcb6e7d172bfd11be4703b1883a6a6ed1ecc75f8631881b8c5cb76e7

    Score
    10/10
    zloadergoogleaktualizacijagoogleaktualizacija1botnettrojan

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks