General

  • Target

    049d162b68a4c2ebbc872a0a8805080e5db84cfeb398339c09c4be1617e37451

  • Size

    380KB

  • Sample

    210811-rn1tea5p5x

  • MD5

    e9679d6f35338721f38ba3af845bf73a

  • SHA1

    a2815a8f4431bb2895672c43c4ef4cb7d8523fe0

  • SHA256

    049d162b68a4c2ebbc872a0a8805080e5db84cfeb398339c09c4be1617e37451

  • SHA512

    379a777e11b1c7a6e499cfd6a00e003ff2c64c6bdec4c6f4170f84e4092ea9e5a392dced381c7d977bc5f8454f1c6aa6548df814e92eaf6effbd6b4c34ece56e

Malware Config

Extracted

Family

zloader

Botnet

vasja

Campaign

vasja

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

rc4.plain
rsa_pubkey.plain

Targets

    • Target

      049d162b68a4c2ebbc872a0a8805080e5db84cfeb398339c09c4be1617e37451

    • Size

      380KB

    • MD5

      e9679d6f35338721f38ba3af845bf73a

    • SHA1

      a2815a8f4431bb2895672c43c4ef4cb7d8523fe0

    • SHA256

      049d162b68a4c2ebbc872a0a8805080e5db84cfeb398339c09c4be1617e37451

    • SHA512

      379a777e11b1c7a6e499cfd6a00e003ff2c64c6bdec4c6f4170f84e4092ea9e5a392dced381c7d977bc5f8454f1c6aa6548df814e92eaf6effbd6b4c34ece56e

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

MITRE ATT&CK Matrix

Tasks