1391343.dll

General
Target 1391343.dll
Size 500KB
Sample 210316-7wv57c1c4n
Score 10/10
MD5 c91aa7c80fa2e6fbf094040caeabca14
SHA1 aaa87f6e2b6f923df5aa4b92ebe70bb744d1f311
SHA256 e5af4868fc46a5a675d9e93c4e45b9fef7043fe2263ad0bd9469082c00d74139
SHA512 10bef80585a6ca2cf32c3a526aeca4072d108c8c488a5b5e9744a487cdfc48a1f3ce5935e33f7ae5b0d961e2b291c0c79c882df3f1a64f54c4adb6d49b1e1ac1

Malware Config

Extracted

Family zloader
Botnet googleaktualizacija
Campaign googleaktualizacija2
C2

rc4.plain
rsa_pubkey.plain
Targets
Target

1391343.dll

Signatures

  • Zloader, Terdot, DELoader, ZeusSphinx

    Description

    Zloader is a malware strain that was initially discovered back in August 2015.

MITRE ATT&CK Matrix
Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

behavioral2

1/10