General
-
Target
f53350e79061f139201dfe86a38c3c36.exe
-
Size
165KB
-
Sample
210813-72xsh9djrx
-
MD5
f53350e79061f139201dfe86a38c3c36
-
SHA1
90b00fc5d9a4018df2db6bca54f9a37082053989
-
SHA256
26b22c0b1b4aab76f6a483ae3aec9f4eface7c7f5aeb546554afdf4ab0d54a6f
-
SHA512
4576dca186150fbd0c6db080d943a361556f7e6a0bf0abca5c2c3086e2c347b7cf1ba9c9f202be19ec6bff898f02960bb3fc39173f619068910aa1491ac4594e
Malware Config
Extracted
zloader
vasja
vasja
https://iqowijsdakm.com/gate.php
https://wiewjdmkfjn.com/gate.php
https://dksaoidiakjd.com/gate.php
https://iweuiqjdakjd.com/gate.php
https://yuidskadjna.com/gate.php
https://olksmadnbdj.com/gate.php
https://odsakmdfnbs.com/gate.php
https://odsakjmdnhsaj.com/gate.php
https://odjdnhsaj.com/gate.php
https://odoishsaj.com/gate.php
Targets
-
-
Target
f53350e79061f139201dfe86a38c3c36.exe
-
Size
165KB
-
MD5
f53350e79061f139201dfe86a38c3c36
-
SHA1
90b00fc5d9a4018df2db6bca54f9a37082053989
-
SHA256
26b22c0b1b4aab76f6a483ae3aec9f4eface7c7f5aeb546554afdf4ab0d54a6f
-
SHA512
4576dca186150fbd0c6db080d943a361556f7e6a0bf0abca5c2c3086e2c347b7cf1ba9c9f202be19ec6bff898f02960bb3fc39173f619068910aa1491ac4594e
Score10/10-
Zloader, Terdot, DELoader, ZeusSphinx
Zloader is a malware strain that was initially discovered back in August 2015.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-