zloader | 938f890613dc8526bb828c3de5d5c612b7c13515062fb6ca15f8abc1424f2835 | Triage

Sharing

General

Target

d6904948ae99d7bf84e6af9a978c3ae6.dll
Size

666KB
Sample

210415-rltvc4a262
MD5

d6904948ae99d7bf84e6af9a978c3ae6
SHA1

a272ccd04db93604874c8606e4f41ad8bb212540
SHA256

938f890613dc8526bb828c3de5d5c612b7c13515062fb6ca15f8abc1424f2835
SHA512

dbae64e1d607c23e5779fcd3da5e8e1f8348d324b68097758d07ca31a7778d5a22ae701d5999d324063095b61c30cc34a8ca2754dc878d4f87e94cbe72f387b6

Score

10^/10

zloader nut 13/04 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

nut

Campaign

13/04

C2

https://jiaayanu.com/post.php

https://investinszeklerland.eu/post.php

https://iqs-sac.com/post.php

https://jciems.in/post.php

https://jinnahofficersschool.com/post.php

https://kancagh.com/post.php

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  d6904948ae99d7bf84e6af9a978c3ae6.dll
- Size
  
  666KB
- MD5
  
  d6904948ae99d7bf84e6af9a978c3ae6
- SHA1
  
  a272ccd04db93604874c8606e4f41ad8bb212540
- SHA256
  
  938f890613dc8526bb828c3de5d5c612b7c13515062fb6ca15f8abc1424f2835
- SHA512
  
  dbae64e1d607c23e5779fcd3da5e8e1f8348d324b68097758d07ca31a7778d5a22ae701d5999d324063095b61c30cc34a8ca2754dc878d4f87e94cbe72f387b6
Score

10^/10

zloader nut 13/04 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloadernut13/04botnettrojan

behavioral2

zloadernut13/04botnettrojan