zloader | 3a659be16afd89a3f8ba12745b545bc0bb4ddf747078b37186af00e7e332fbb2 | Triage

Sharing

General

Target

mHMUKpx.dll
Size

706KB
Sample

210304-3yay7z3e92
MD5

051fc424638f35d333e95a0601cfd336
SHA1

3acbcb36bad30f486b03897ef4fd321dbfe40d40
SHA256

3a659be16afd89a3f8ba12745b545bc0bb4ddf747078b37186af00e7e332fbb2
SHA512

ed6276b62b3cad463b36861c75624d59ae15964959a07e39afeff1367f22afadfe1d8f72d2f01f8db73dd98da00a4bfc18938e78c48394440ea6ad9a0a095337

Score

10^/10

zloader bot5 bot5 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

bot5

Campaign

bot5

C2

https://militanttra.at/owg.php

rc4.plain

Targets

- Target
  
  mHMUKpx.dll
- Size
  
  706KB
- MD5
  
  051fc424638f35d333e95a0601cfd336
- SHA1
  
  3acbcb36bad30f486b03897ef4fd321dbfe40d40
- SHA256
  
  3a659be16afd89a3f8ba12745b545bc0bb4ddf747078b37186af00e7e332fbb2
- SHA512
  
  ed6276b62b3cad463b36861c75624d59ae15964959a07e39afeff1367f22afadfe1d8f72d2f01f8db73dd98da00a4bfc18938e78c48394440ea6ad9a0a095337
Score

10^/10

zloader bot5 bot5 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloaderbot5bot5botnettrojan

behavioral2

zloaderbot5bot5botnettrojan