General

  • Target

    bc90f78262d08adeb79ec5bff75d292820658ad3cf7c71f12d3f8173272f1d50.zip

  • Size

    111KB

  • Sample

    210304-x2xrj1f58j

  • MD5

    cafde00d8bdfab6ca083f69b292e784f

  • SHA1

    1d0935530d7602149e363644570e4faacd64eade

  • SHA256

    3f6770b1fd04455d8b9ff816a7c65a44afd18ec1d195e78c7e49fbbeb0051afc

  • SHA512

    a386ac23b5adaa263a111c6254dc781d353ab610cf5f38cfad2f9c5fbfd5f59e39462ae691670ae80e3f2cf9b3b845ee1b8eda15702f3395e7e7b235517422f2

Malware Config

Extracted

Family

zloader

Botnet

apr07

Campaign

Canada

C2

http://march262020.best/post.php

http://march262020.club/post.php

http://march262020.com/post.php

http://march262020.live/post.php

http://march262020.network/post.php

http://march262020.online/post.php

http://march262020.site/post.php

http://march262020.store/post.php

http://march262020.tech/post.php

rc4.plain

Targets

    • Target

      bc90f78262d08adeb79ec5bff75d292820658ad3cf7c71f12d3f8173272f1d50.dll

    • Size

      182KB

    • MD5

      6db05bcfe9c321569641a1ad74dd94e8

    • SHA1

      5715d64a25e570bd39d1bbb611eeeb006f143899

    • SHA256

      bc90f78262d08adeb79ec5bff75d292820658ad3cf7c71f12d3f8173272f1d50

    • SHA512

      7e7bc4d6d1e9ff581312e8e60a29fc4607966db80f0997a930861a0f5d5826f286fa8398dbd7c33b91ca36e13e088c2b183a4cb1f78aad55a2d6b290e3ad46a0

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a Zeus-derived banking trojan first observed in August 2015.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of another thread. Legitimate software rarely needs it, but process hollowing and thread hijacking use it to point a suspended thread at injected code, which is why the sandbox flags the call.
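The extracted config above is already a usable IOC set: nine C2 URLs that differ only in TLD, plus the hashes of the ZIP container and the DLL. The following is an added example, not part of the sandbox report or of any tool it describes, that turns those values into hunting artefacts: a sorted host list for blocklists, a URL classifier run over a few constructed proxy log lines, one Suricata rule per C2 URL, and a SHA256 lookup against the report. The C2 URLs and hashes are copied from the report; the log line layout, the assumption that check-ins are HTTP POSTs, the SID range starting at 9000001 and the heuristic that the same second-level label may appear on a TLD the report did not see are this example's own assumptions.

```python
"""Hunting helpers built from the Zloader config extracted in the report.

Added example, not part of the report. C2 URLs and SHA256 values are copied
from it; log layout, HTTP method, SID range and the TLD heuristic are assumed.
"""
import hashlib
import re
from urllib.parse import urlparse

# C2 URLs exactly as listed under "Malware Config" above.
C2_URLS = [
    "http://march262020.best/post.php",
    "http://march262020.club/post.php",
    "http://march262020.com/post.php",
    "http://march262020.live/post.php",
    "http://march262020.network/post.php",
    "http://march262020.online/post.php",
    "http://march262020.site/post.php",
    "http://march262020.store/post.php",
    "http://march262020.tech/post.php",
]

# SHA256 of the two artefacts in the report: the ZIP container and the DLL it holds.
REPORTED_SHA256 = {
    "3f6770b1fd04455d8b9ff816a7c65a44afd18ec1d195e78c7e49fbbeb0051afc": "zip container",
    "bc90f78262d08adeb79ec5bff75d292820658ad3cf7c71f12d3f8173272f1d50": "payload DLL",
}

# Constructed proxy log (not from the report): "<time> <client> <method> <url> <status>".
SAMPLE_LOG = """\
2021-03-04T10:12:01Z 10.0.0.23 POST http://march262020.live/post.php 200
2021-03-04T10:12:05Z 10.0.0.23 GET http://www.example.com/index.html 200
2021-03-04T10:13:40Z 10.0.0.45 POST http://march262020.xyz/post.php 200
2021-03-04T10:14:02Z 10.0.0.45 GET http://march262020.com/favicon.ico 404
"""


def c2_hosts(urls=C2_URLS):
    """Distinct C2 hostnames, sorted, for blocklists and DNS-log hunting."""
    return sorted({urlparse(u).hostname for u in urls})


def c2_label_regex(urls=C2_URLS):
    """Regex for the shared second-level label under any TLD.

    Assumption: the nine C2s differ only in TLD, so the operator may register
    the same label on a TLD the report never saw; matching the label catches it.
    """
    labels = {urlparse(u).hostname.split(".")[0] for u in urls}
    alt = "|".join(re.escape(label) for label in sorted(labels))
    return re.compile(rf"^(?:{alt})\.[a-z0-9.-]+$", re.IGNORECASE)


def classify_url(url, urls=C2_URLS, label_re=None):
    """Verdict for one URL: 'exact' (listed C2 URL), 'host' (listed C2 host,
    other path), 'label' (C2 label on an unlisted TLD with a C2 path) or None."""
    label_re = label_re or c2_label_regex(urls)
    p = urlparse(url.strip())
    host = (p.hostname or "").lower()
    if f"{p.scheme}://{host}{p.path}" in urls:
        return "exact"
    if host in c2_hosts(urls):
        return "host"
    if label_re.match(host) and p.path in {urlparse(u).path for u in urls}:
        return "label"
    return None


def hunt(log_text=SAMPLE_LOG):
    """(client, url, verdict) for every log line that touches C2 infrastructure."""
    label_re = c2_label_regex()
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # malformed or truncated line: skip rather than crash
        verdict = classify_url(fields[3], label_re=label_re)
        if verdict:
            hits.append((fields[1], fields[3], verdict))
    return hits


def suricata_rules(urls=C2_URLS, base_sid=9000001):
    """One Suricata rule (5+ sticky-buffer syntax) per C2 URL.

    Assumptions: check-ins are HTTP POSTs and SIDs from base_sid up are free.
    """
    rules = []
    for i, u in enumerate(urls):
        p = urlparse(u)
        rules.append(
            'alert http $HOME_NET any -> $EXTERNAL_NET any ('
            f'msg:"Zloader C2 check-in to {p.hostname}{p.path}"; '
            'flow:established,to_server; http.method; content:"POST"; '
            f'http.host; content:"{p.hostname}"; bsize:{len(p.hostname)}; '
            f'http.uri; content:"{p.path}"; startswith; '
            f'classtype:trojan-activity; sid:{base_sid + i}; rev:1;)'
        )
    return rules


def identify_sample(data):
    """Name of the report artefact whose SHA256 matches data, or None."""
    return REPORTED_SHA256.get(hashlib.sha256(data).hexdigest())
```

Run against the constructed log, `hunt()` flags the exact C2 URL, the same label on an unlisted TLD (`.xyz`) and a non-C2 path on a listed host, and leaves the benign request alone. The `bsize` and `startswith` modifiers keep the Suricata rules from matching longer hostnames or URIs that merely contain the C2 strings; drop the `http.method` match if the sensor sees check-ins with a different verb.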
