Overview

overview

10

Static

static

1391343.dll

windows7_x64

10

1391343.dll

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1391343.dll

  • Size

    500KB

  • Sample

    210316-7wv57c1c4n

  • MD5

    c91aa7c80fa2e6fbf094040caeabca14

  • SHA1

    aaa87f6e2b6f923df5aa4b92ebe70bb744d1f311

  • SHA256

    e5af4868fc46a5a675d9e93c4e45b9fef7043fe2263ad0bd9469082c00d74139

  • SHA512

    10bef80585a6ca2cf32c3a526aeca4072d108c8c488a5b5e9744a487cdfc48a1f3ce5935e33f7ae5b0d961e2b291c0c79c882df3f1a64f54c4adb6d49b1e1ac1

Score
10/10
zloadergoogleaktualizacijagoogleaktualizacija2botnettrojan

Malware Config

Extracted

Family

zloader

Botnet

googleaktualizacija

Campaign

googleaktualizacija2

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php
rc4.plain
rsa_pubkey.plain

Targets

    • Target

      1391343.dll

    • Size

      500KB

    • MD5

      c91aa7c80fa2e6fbf094040caeabca14

    • SHA1

      aaa87f6e2b6f923df5aa4b92ebe70bb744d1f311

    • SHA256

      e5af4868fc46a5a675d9e93c4e45b9fef7043fe2263ad0bd9469082c00d74139

    • SHA512

      10bef80585a6ca2cf32c3a526aeca4072d108c8c488a5b5e9744a487cdfc48a1f3ce5935e33f7ae5b0d961e2b291c0c79c882df3f1a64f54c4adb6d49b1e1ac1

    Score
    10/10
    zloadergoogleaktualizacijagoogleaktualizacija2botnettrojan

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks