General
-
Target
todxofs.dll
-
Size
421KB
-
Sample
210304-3wfljytl3s
-
MD5
f40160b2cfe0667cb4010a400a835a06
-
SHA1
976c70ede8d10e825cb9e5bd5da0dd2a251bd0e8
-
SHA256
d63088780e90eda6a7ce286d6b190614f0ea6f1f55c6e6e9d6a30260eb84d03c
-
SHA512
e919819cdc45b2ed93c69f3f0267698940ee316707f6a722697100bfa79da9d277667c0276f36ba47f62dea8855e18e0e8ffaf5a708b369d73d2961b9fdfc3b4
Malware Config
Extracted
zloader
April23Fixed
April23Fixed
http://wmwifbajxxbcxmucxmlc.com/post.php
http://onfovdaqqrwbvdfoqnof.com/post.php
http://cmmxhurildiigqghlryq.com/post.php
http://nmqsmbiabjdnuushksas.com/post.php
http://fvqlkgedqjiqgapudkgq.com/post.php
http://iawfqecrwohcxnhwtofa.com/post.php
http://nlbmfsyplohyaicmxhum.com/post.php
http://snnmnkxdhflwgthqismb.com/post.php
Targets
-
-
Target
todxofs.dll
-
Size
421KB
-
MD5
f40160b2cfe0667cb4010a400a835a06
-
SHA1
976c70ede8d10e825cb9e5bd5da0dd2a251bd0e8
-
SHA256
d63088780e90eda6a7ce286d6b190614f0ea6f1f55c6e6e9d6a30260eb84d03c
-
SHA512
e919819cdc45b2ed93c69f3f0267698940ee316707f6a722697100bfa79da9d277667c0276f36ba47f62dea8855e18e0e8ffaf5a708b369d73d2961b9fdfc3b4
Score10/10-
Zloader, Terdot, DELoader, ZeusSphinx
Zloader is a malware strain that was initially discovered back in August 2015.
-
Suspicious use of SetThreadContext
-