zloader | hxxp://voland[.]link/XgHcsrfsm?cost=0[.]002&currency=USD&external_id=210316043550f299aa48d24b95b3594e0000&ad_campaign_id=1735701&source=clickadu&sub_id_1=1711301

Resubmissions

24-03-2021 22:59

210324-ek4w44q4b2 1

16-03-2021 10:19

210316-1ad7ax3a3a 10

Sharing

Copy URL

Twitter E-mail

General

Target

http://voland.link/XgHcsrfsm?cost=0.002&currency=USD&external_id=210316043550f299aa48d24b95b3594e0000&ad_campaign_id=1735701&source=clickadu&sub_id_1=1711301
Sample

210316-1ad7ax3a3a

Score

10^/10

Malware Config

Extracted

Family

zloader

Botnet

googleaktualizacija

Campaign

googleaktualizacija2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  http://voland.link/XgHcsrfsm?cost=0.002&currency=USD&external_id=210316043550f299aa48d24b95b3594e0000&ad_campaign_id=1735701&source=clickadu&sub_id_1=1711301
Score

10^/10

zloader googleaktualizacija googleaktualizacija2 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Zloader, Terdot, DELoader, ZeusSphinx

Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks

static1

urlscan1

behavioral1