General

  • Target

    bd8fb3c8abf97cdd741af7e8fd921a3b5d4a1efde9490933e405baa8f5226101.zip

  • Size

    160KB

  • Sample

    210302-wpj5thb6aa

  • MD5

    0be4327e762d991251d5eae7e6dc22d3

  • SHA1

    00d4cd9fcb26fc9d4d1d31a0a9561eccc561de21

  • SHA256

    b3de1118d6c87e6a1dfb9cc39e01073c8dc7af9057a60e03d7f168182700dc19

  • SHA512

    53b3574f0d285246f646716beee5d8c34290faf695f68d39fe20d498c2dca8643101a79c076fe8b00339b76abf02f451eece1df1452af7620a6f0b5644a91f7b

Malware Config

Extracted

Family

zloader

Botnet

googleaktualizacija

Campaign

googleaktualizacija2

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

rc4.plain
rsa_pubkey.plain
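The extracted config above is only useful once it becomes something a defender can run. The following is an added example, not part of the sandbox report: it takes the ten C2 URLs exactly as listed, reduces them to a hostname indicator set, scans a constructed proxy log for any contact with those hosts, and emits one Suricata TLS-SNI rule per domain (the C2 is HTTPS, so on the wire the hostname is visible only as the SNI). The log format, the log lines themselves, the hypothetical `scan_proxy_log`/`suricata_sni_rules` helpers and the Suricata 5+ `tls.sni` rule syntax are assumptions of this example; only the URLs come from the page.

```python
"""Turn the Zloader config listed above into a small IOC set and run it over
constructed proxy-log lines.  Added example; not code from the sandbox."""
import re
from urllib.parse import urlparse

# The ten C2 URLs exactly as listed in the extracted config above.
C2_URLS = [
    "https://iqowijsdakm.com/gate.php",
    "https://wiewjdmkfjn.com/gate.php",
    "https://dksaoidiakjd.com/gate.php",
    "https://iweuiqjdakjd.com/gate.php",
    "https://yuidskadjna.com/gate.php",
    "https://olksmadnbdj.com/gate.php",
    "https://odsakmdfnbs.com/gate.php",
    "https://odsakjmdnhsaj.com/gate.php",
    "https://odjdnhsaj.com/gate.php",
    "https://odoishsaj.com/gate.php",
]


def c2_domains(urls=C2_URLS):
    """Hostnames from the C2 list, lower-cased.  Match on these, not on
    /gate.php: that path is shared by many unrelated PHP panels."""
    return {urlparse(u).hostname.lower() for u in urls}


# Constructed proxy-log format (an assumption made for this example):
#   <ts> <src_ip> <method> <host[:port]> <path> <status>
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<method>[A-Z]+)\s+"
    r"(?P<host>[^\s:/]+)(?::\d+)?\s+(?P<path>\S+)\s+(?P<status>\d{3})\s*$"
)


def scan_proxy_log(lines, urls=C2_URLS):
    """Return (ts, src_ip, host) for every line whose host is a known C2.
    The comparison is case-insensitive and ignores the port, so a CONNECT
    to host:443 is caught as well as a plain GET/POST through the proxy."""
    domains = c2_domains(urls)
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the scan
        host = m["host"].lower()
        if host in domains:
            hits.append((m["ts"], m["src"], host))
    return hits


def suricata_sni_rules(urls=C2_URLS, sid_base=9000001):
    """One Suricata TLS-SNI rule per C2 domain (assumes the Suricata 5+
    `tls.sni` sticky buffer).  SIDs are allocated sequentially from sid_base."""
    rules = []
    for i, d in enumerate(sorted(c2_domains(urls))):
        rules.append(
            f'alert tls any any -> any any (msg:"Zloader googleaktualizacija C2 SNI {d}"; '
            f'tls.sni; content:"{d}"; nocase; sid:{sid_base + i}; rev:1;)'
        )
    return rules


# Constructed sample log (not real traffic): two C2 contacts from one host,
# one unrelated request to a /gate.php on a benign domain, and a junk line.
SAMPLE_LOG = """\
2021-03-02T10:14:03Z 10.0.0.17 CONNECT iqowijsdakm.com:443 - 200
2021-03-02T10:14:05Z 10.0.0.17 POST IQOWIJSDAKM.COM /gate.php 200
2021-03-02T10:14:09Z 10.0.0.22 GET update.example.org /gate.php 404
2021-03-02T10:15:11Z 10.0.0.17 CONNECT odoishsaj.com:443 - 503
this line is not a proxy record
""".splitlines()


if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_LOG):
        print("C2 contact:", *hit)
    print("\n".join(suricata_sni_rules()))
```

Two caveats when using this: the benign `/gate.php` request is deliberately not flagged, because the path alone is not an indicator; and the domain list belongs to this build's campaign (`googleaktualizacija2`), so treat it as a short-lived indicator set and re-extract the config from newer samples rather than assuming the same domains persist.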

Targets

    • Target

      bd8fb3c8abf97cdd741af7e8fd921a3b5d4a1efde9490933e405baa8f5226101.dll

    • Size

      357KB

    • MD5

      9fc59f68d528d95e13a706e6f5c8cc9d

    • SHA1

      64b3489a39907d5a8adc8fabf18afeb6f573a97e

    • SHA256

      bd8fb3c8abf97cdd741af7e8fd921a3b5d4a1efde9490933e405baa8f5226101

    • SHA512

      a1e5df2e959ced5b4d16bfbbef512e2129e3d82e4fd799ad6e24728a29903617b54a1c7af322215a5899ab03cd51f17eaa8e57a27644398c8a08e42c42cf3712

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader (also tracked as Terdot, DELoader and ZeusSphinx) is a banking trojan built on the leaked Zeus source code and first observed in August 2015. The 160KB zip above is the submitted container; this 357KB DLL is the Zloader payload the sandbox analysed, and its hashes, not the zip's, are the ones to match against other sightings.

MITRE ATT&CK Matrix

Tasks