General

  • Target

    613edea279057e441e911ce8d1a4b7c8.dll

  • Size

    357KB

  • Sample

    210112-61vr6xa34n

  • MD5

    613edea279057e441e911ce8d1a4b7c8

  • SHA1

    ec557b336ff11e216c669cc29c90a9e74771ee00

  • SHA256

    3f1f00054377124affd8fb24f61b9a670858cc44282ffcf0341907f9dbcf1d51

  • SHA512

    e65ad56aeb3d130d79f8870e49a5e3a6e49a0b8fd7a8cea152b70213f7073ab097d0dbd5cbf29b1f814463f92c6303030e70a5f78002bcfecc11f22a6590a5b6

Malware Config

Extracted

Family

zloader

Botnet

googleaktualizacija

Campaign

googleaktualizacija2

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

rc4.plain
rsa_pubkey.plain

(The RC4 key and RSA public key extracted from the configuration; their values are not reproduced on this page.)
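The extracted C2 list above is the most directly actionable part of the report. The following is an added example, not part of the sandbox output: it turns the ten gate URLs into a hostname set, hunts for them in Squid-style proxy log lines, and emits Suricata TLS-SNI rules. The log lines are constructed for illustration and the SID range is a placeholder; the domains and URLs are exactly those listed in the config. Matching is on the exact hostname rather than on the `/gate.php` path, because that path is generic and the CONNECT tunnels this sample uses over HTTPS only expose the host.

```python
import re
from urllib.parse import urlparse

# C2 gate URLs as extracted from the sample's configuration (from the report above).
ZLOADER_C2_URLS = [
    "https://iqowijsdakm.com/gate.php",
    "https://wiewjdmkfjn.com/gate.php",
    "https://dksaoidiakjd.com/gate.php",
    "https://iweuiqjdakjd.com/gate.php",
    "https://yuidskadjna.com/gate.php",
    "https://olksmadnbdj.com/gate.php",
    "https://odsakmdfnbs.com/gate.php",
    "https://odsakjmdnhsaj.com/gate.php",
    "https://odjdnhsaj.com/gate.php",
    "https://odoishsaj.com/gate.php",
]


def c2_domains(urls):
    """Return the lower-cased hostnames of the C2 URLs as a set for exact matching."""
    return {urlparse(u).hostname.lower() for u in urls}


# Constructed Squid access.log lines (not from the report). Line 1 and 3 tunnel to
# listed C2 hosts; line 4 hits a /gate.php on an unrelated host; line 5 is a
# look-alike domain that must NOT match a substring-based check.
SAMPLE_PROXY_LOG = """\
1610450001.123    312 10.0.0.17 TCP_TUNNEL/200 4821 CONNECT iqowijsdakm.com:443 - HIER_DIRECT/203.0.113.10 -
1610450002.456     88 10.0.0.17 TCP_MISS/200 1520 GET http://www.example.com/index.html - HIER_DIRECT/203.0.113.20 text/html
1610450003.789    290 10.0.0.42 TCP_TUNNEL/200 5110 CONNECT odoishsaj.com:443 - HIER_DIRECT/203.0.113.30 -
1610450004.012     95 10.0.0.42 TCP_MISS/200 900 GET http://update.example.org/gate.php - HIER_DIRECT/203.0.113.40 text/plain
1610450005.345    301 10.0.0.99 TCP_TUNNEL/200 4000 CONNECT notiqowijsdakm.com:443 - HIER_DIRECT/203.0.113.50 -
"""

# Squid native log format: timestamp, elapsed, client, result/status, bytes, method, URL.
SQUID_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+\d+\s+(?P<client>\S+)\s+\S+\s+\d+\s+(?P<method>\S+)\s+(?P<target>\S+)"
)


def target_host(method, target):
    """Normalise the request target to a hostname: CONNECT gives host:port, others a URL."""
    if method == "CONNECT":
        return target.rsplit(":", 1)[0].lower()
    return (urlparse(target).hostname or "").lower()


def hunt_proxy_log(log_text, urls=ZLOADER_C2_URLS):
    """Return (client_ip, c2_host) for every log line whose destination is a listed C2."""
    domains = c2_domains(urls)
    hits = []
    for line in log_text.splitlines():
        m = SQUID_RE.match(line)
        if not m:
            continue
        host = target_host(m["method"], m["target"])
        if host in domains:  # exact match, so look-alike domains are not flagged
            hits.append((m["client"], host))
    return hits


def suricata_rules(urls=ZLOADER_C2_URLS, base_sid=9000001):
    """Emit one Suricata (5.x+ syntax) TLS SNI rule per C2 domain. SIDs are placeholders."""
    rules = []
    for i, host in enumerate(sorted(c2_domains(urls))):
        rules.append(
            'alert tls $HOME_NET any -> $EXTERNAL_NET any '
            f'(msg:"Zloader C2 SNI {host}"; tls.sni; content:"{host}"; nocase; endswith; '
            f'sid:{base_sid + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    for client, host in hunt_proxy_log(SAMPLE_PROXY_LOG):
        print(f"{client} -> {host}")
    print("\n".join(suricata_rules()))
```

Feed `hunt_proxy_log` the real access log and the hits give you the internal hosts to pull for the DLL; `suricata_rules` covers the HTTPS case where the proxy only sees a CONNECT, by alerting on the server name in the ClientHello.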

Targets

    • Target

      613edea279057e441e911ce8d1a4b7c8.dll (357KB; MD5, SHA1, SHA256 and SHA512 as listed under General)

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader (also tracked as Terdot, DELoader and ZeusSphinx) is a banking trojan derived from the leaked Zeus source code, first observed in August 2015.
