General

  • Target

    907a644328011c9d50c192e06ef14bf5e6be5f4c3f4dddacfba7ebb8d22d0738.zip

  • Size

    170KB

  • Sample

    210302-abrqxtgsp6

  • MD5

    7f19144e91023d3fbb6be41385dd580b

  • SHA1

    31a705e22ad52b2d990a3765e8e978de3ecac753

  • SHA256

    16b8f993c7ea7dc266f051f38cfb7d3ddb8af335138c708f7907ef73b5b40564

  • SHA512

    50170e4654c189a35c4c6b0c75fcc4f3beabb6899c436297a01fda828a27f5480f3ef768a888b9d03b8207dfc8dbee9b7c9e5be07e35d3eb44f423b41567c665

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    googleaktualizacija

  • Campaign

    googleaktualizacija2

  • C2

    https://iqowijsdakm.com/gate.php
    https://wiewjdmkfjn.com/gate.php
    https://dksaoidiakjd.com/gate.php
    https://iweuiqjdakjd.com/gate.php
    https://yuidskadjna.com/gate.php
    https://olksmadnbdj.com/gate.php
    https://odsakmdfnbs.com/gate.php
    https://odsakjmdnhsaj.com/gate.php
    https://odjdnhsaj.com/gate.php
    https://odoishsaj.com/gate.php

  • rc4.plain

  • rsa_pubkey.plain

Targets

    • Target

      907a644328011c9d50c192e06ef14bf5e6be5f4c3f4dddacfba7ebb8d22d0738.dll

    • Size

      776KB

    • MD5

      89d2e280a893091f2f60099cbaa616ed

    • SHA1

      cca6be054d570ae2b5ebc527b5ceb6e23ac15504

    • SHA256

      907a644328011c9d50c192e06ef14bf5e6be5f4c3f4dddacfba7ebb8d22d0738

    • SHA512

      6f73c20829b42e6a6064cdd97134af8edd78077f175eabf7ed28ff07eafad0c2fd241ec93a3d11075b716e2606b3f8aba40de6f37b83c39d9de3596c6c07e80f

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain first discovered in August 2015.

MITRE ATT&CK Matrix

Tasks