General

  • Target

    907a644328011c9d50c192e06ef14bf5e6be5f4c3f4dddacfba7ebb8d22d0738

  • Size

    776KB

  • Sample

    210203-p55gvz18cn

  • MD5

    89d2e280a893091f2f60099cbaa616ed

  • SHA1

    cca6be054d570ae2b5ebc527b5ceb6e23ac15504

  • SHA256

    907a644328011c9d50c192e06ef14bf5e6be5f4c3f4dddacfba7ebb8d22d0738

  • SHA512

    6f73c20829b42e6a6064cdd97134af8edd78077f175eabf7ed28ff07eafad0c2fd241ec93a3d11075b716e2606b3f8aba40de6f37b83c39d9de3596c6c07e80f

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    googleaktualizacija

  • Campaign

    googleaktualizacija2

  • C2


  • rc4.plain

  • rsa_pubkey.plain

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain first discovered in August 2015.

MITRE ATT&CK Matrix

Tasks