General

  • Target

    microsoft_shared.tmp.zip

  • Size

    278KB

  • Sample

    210612-s1k3zc1qf6

  • MD5

    d2f81f9012d0aa6eb949a9118fa3866c

  • SHA1

    eb572ea4733ce4ec1c457b39988bcfe5745b5fec

  • SHA256

    5b01e0d1289bb6e4811129586bc3253372cc6a3ceb6fda81db2d3fd01ef4a8af

  • SHA512

    c54097b2275e44eeb256a65aca0e5ca3cc96a9495dca67a1518e01e475e79687d866af2ac935c46d992651c44d90fb12dedcdeadfc67aedfec9c1960c90346f6

Malware Config

Extracted

Family

zloader

Botnet

personal

Campaign

personal

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

rc4.plain
rsa_pubkey.plain
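The extracted gate URLs and the file hashes in this report are directly usable as indicators. The block below is an added example, not part of the sandbox report or of Zloader's own code: it matches hostnames from a constructed proxy log against the ten C2 domains above (matching on the domain rather than the full URL, so a renamed gate path or a subdomain still hits) and compares file digests against the reported MD5/SHA1/SHA256/SHA512 values. The log format and the sample log lines are assumptions made for the example.

```python
import hashlib
import re
from urllib.parse import urlsplit

# Zloader C2 gate URLs, copied from the extracted config above.
ZLOADER_C2_URLS = [
    "https://iqowijsdakm.com/gate.php",
    "https://wiewjdmkfjn.com/gate.php",
    "https://dksaoidiakjd.com/gate.php",
    "https://iweuiqjdakjd.com/gate.php",
    "https://yuidskadjna.com/gate.php",
    "https://olksmadnbdj.com/gate.php",
    "https://odsakmdfnbs.com/gate.php",
    "https://odsakjmdnhsaj.com/gate.php",
    "https://odjdnhsaj.com/gate.php",
    "https://odoishsaj.com/gate.php",
]

# Digests reported for microsoft_shared.tmp.zip and the contained microsoft_shared.tmp.
ZLOADER_HASHES = {
    "md5": {"d2f81f9012d0aa6eb949a9118fa3866c", "67fc6cca4761bb4913b49d3257dff8a4"},
    "sha1": {"eb572ea4733ce4ec1c457b39988bcfe5745b5fec", "2c9e8fa1e4f7dd5547880e0b7b56148553fdfdde"},
    "sha256": {
        "5b01e0d1289bb6e4811129586bc3253372cc6a3ceb6fda81db2d3fd01ef4a8af",
        "9c201b6131cd721438f814bd308168b95a3bfbc7785c9ac2ee19209ae50e8232",
    },
    "sha512": {
        "c54097b2275e44eeb256a65aca0e5ca3cc96a9495dca67a1518e01e475e79687d866af2ac935c46d992651c44d90fb12dedcdeadfc67aedfec9c1960c90346f6",
        "3f516bd83acddda8abdbce8971451a23ad63bdeffc09979c1b1714371ce71912633ea52215aec28a937356ff08220e3ecce24736c818085352a2a3bfa1ea1796",
    },
}

# Registrable C2 hostnames; matching on the host, not the full URL, survives a
# changed gate path or scheme.
C2_HOSTS = {urlsplit(u).hostname.lower() for u in ZLOADER_C2_URLS}


def host_matches_c2(host):
    """True if host equals a C2 domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == c2 or host.endswith("." + c2) for c2 in C2_HOSTS)


# Constructed proxy log (assumed simplified format "<ts> <client> <method> <url> <status>");
# these lines are not from the report.
SAMPLE_PROXY_LOG = """\
1623500001.123 10.0.0.5 GET https://www.microsoft.com/en-us/ 200
1623500002.456 10.0.0.5 POST https://iqowijsdakm.com/gate.php 200
1623500003.789 10.0.0.7 POST https://cdn.odsakmdfnbs.com/gate.php 404
1623500004.012 10.0.0.9 GET https://example.org/gate.php 200
1623500005.345 10.0.0.5 POST http://yuidskadjna.com/update.php 200
"""

LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>\S+) (?P<url>\S+) (?P<status>\d+)$")


def find_c2_hits(log_text):
    """Return (client, host, method) for every log line whose host is a Zloader C2 domain."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        host = urlsplit(m["url"]).hostname
        if host and host_matches_c2(host):
            hits.append((m["client"], host, m["method"]))
    return hits


def hash_file_bytes(data):
    """Compute the four digests the report lists, so a local file can be compared to it."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def matches_known_sample(data):
    """Return the set of algorithms whose digest of data appears in the report."""
    digests = hash_file_bytes(data)
    return {alg for alg, d in digests.items() if d in ZLOADER_HASHES[alg]}


if __name__ == "__main__":
    for client, host, method in find_c2_hits(SAMPLE_PROXY_LOG):
        print(f"C2 contact: {client} {method} {host}")
    with open("microsoft_shared.tmp", "rb") as f:  # path is an assumption
        print("matching digests:", matches_known_sample(f.read()))
```

Note that the `cdn.` subdomain and the `http://.../update.php` line still match, because the rule keys on the domain from the extracted config; a rule keyed on the literal `/gate.php` URL would miss both.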

Targets

    • Target

      microsoft_shared.tmp

    • Size

      533KB

    • MD5

      67fc6cca4761bb4913b49d3257dff8a4

    • SHA1

      2c9e8fa1e4f7dd5547880e0b7b56148553fdfdde

    • SHA256

      9c201b6131cd721438f814bd308168b95a3bfbc7785c9ac2ee19209ae50e8232

    • SHA512

      3f516bd83acddda8abdbce8971451a23ad63bdeffc09979c1b1714371ce71912633ea52215aec28a937356ff08220e3ecce24736c818085352a2a3bfa1ea1796

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a banking trojan and loader derived from the leaked Zeus source code; it was first observed in August 2015.
