Overview

overview

10

Static

static

10

4029f9fcba...5a.exe

windows7_x64

3

4029f9fcba...5a.exe

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4029f9fcba1c53d86f2c59f07d5657930bd5ee64cca4c5929cbd3142484e815a

  • Size

    208KB

  • Sample

    211004-m6mlpsgccp

  • MD5

    5c76c41f9d0cc939240b3101541b5475

  • SHA1

    da361ec6976d3d9225ce40951b26d1d8ecdb7fd1

  • SHA256

    4029f9fcba1c53d86f2c59f07d5657930bd5ee64cca4c5929cbd3142484e815a

  • SHA512

    34eb9bfde1ad411439704d30c5c555ea6a6966ff1f9993a3ec08d68c821d2119b702503fe40ead14f1ab37cf48767b3dcf95bbfe7a3a6080ca79bc9bec72bccb

Score
10/10
zloadertelegramcryptantiamsidoc

Malware Config

Extracted

Family

zloader

Botnet

TelegramCrypt

Campaign

AntiAMSIdoc

C2

http://wmwifbajxxbcxmucxmlc.com/post.php

http://pwkqhdgytsshkoibaake.com/post.php

http://snnmnkxdhflwgthqismb.com/post.php

http://iawfqecrwohcxnhwtofa.com/post.php

http://nlbmfsyplohyaicmxhum.com/post.php

http://fvqlkgedqjiqgapudkgq.com/post.php

http://cmmxhurildiigqghlryq.com/post.php

http://nmqsmbiabjdnuushksas.com/post.php

http://fyratyubvflktyyjiqgq.com/post.php
rc4.plain

Targets

    • Target

      4029f9fcba1c53d86f2c59f07d5657930bd5ee64cca4c5929cbd3142484e815a

    • Size

      208KB

    • MD5

      5c76c41f9d0cc939240b3101541b5475

    • SHA1

      da361ec6976d3d9225ce40951b26d1d8ecdb7fd1

    • SHA256

      4029f9fcba1c53d86f2c59f07d5657930bd5ee64cca4c5929cbd3142484e815a

    • SHA512

      34eb9bfde1ad411439704d30c5c555ea6a6966ff1f9993a3ec08d68c821d2119b702503fe40ead14f1ab37cf48767b3dcf95bbfe7a3a6080ca79bc9bec72bccb

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks