General

  • Target

    3f1f00054377124affd8fb24f61b9a670858cc44282ffcf0341907f9dbcf1d51.zip

  • Size

    160KB

  • Sample

    210302-ra42tyc6es

  • MD5

    4237c2b9c8c2faff955df4485cf2e7cf

  • SHA1

    cc9939fa14682f566d5ae29e81651aa81798c3bd

  • SHA256

    ce842bdedc1b92083f23b2b7fe907950168225861a31320bdbada70d37215e6b

  • SHA512

    bb341d3760e2d9b766ba5b71d98ceb88cab5cae7b45676a7c1017ccad822ea8e809386ba7f69a94c59aa02ce3691d3511db6934170c16f597f47f821bf4802d7

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    googleaktualizacija

  • Campaign

    googleaktualizacija2

  • C2


  • rc4.plain

  • rsa_pubkey.plain

Targets

    • Target

      3f1f00054377124affd8fb24f61b9a670858cc44282ffcf0341907f9dbcf1d51.dll

    • Size

      357KB

    • MD5

      613edea279057e441e911ce8d1a4b7c8

    • SHA1

      ec557b336ff11e216c669cc29c90a9e74771ee00

    • SHA256

      3f1f00054377124affd8fb24f61b9a670858cc44282ffcf0341907f9dbcf1d51

    • SHA512

      e65ad56aeb3d130d79f8870e49a5e3a6e49a0b8fd7a8cea152b70213f7073ab097d0dbd5cbf29b1f814463f92c6303030e70a5f78002bcfecc11f22a6590a5b6

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was first discovered in August 2015.

MITRE ATT&CK Matrix

Tasks