Resubmissions

04-11-2021 14:56

211104-sa37gaghb3 10

26-10-2021 13:37

211026-qwzp3ahfb2 10

21-10-2021 22:13

211021-143rssbgdj 10

General

  • Target

    5596297483681792.zip

  • Size

    232KB

  • Sample

    211026-qwzp3ahfb2

  • MD5

    6615b1827642aaa011cb27391c63b214

  • SHA1

    2a3a08e027b840c82ce74b9561326cedff3b4caa

  • SHA256

    66ab31fc088b2b58b1ab428a06b6bf067ca401947ba4f17bbb6ffe5f46f1c473

  • SHA512

    626812da94a2113c3027da6112aa9e2508f6ecaf1ba85b6e24594a4192ce0eb921e21a3508bd7920dc491f93f21098590873225002811e9236a0e7085b752709

Malware Config

Extracted

Family

zloader

Botnet

tim

Campaign

tim

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

rc4.plain
rsa_pubkey.plain

Targets

    • Target

      95a8370c36d81ea596d83892115ce6b90717396c8f657b17696c7eeb2dba1d2e

    • Size

      429KB

    • MD5

      75784d297b3d6fb4d434b6890f6334ab

    • SHA1

      dc945e57be6bdd3cc4894d6cff7dd90a76f6c416

    • SHA256

      95a8370c36d81ea596d83892115ce6b90717396c8f657b17696c7eeb2dba1d2e

    • SHA512

      f54baffc5b545aaa4d939505181466d7b78bb583fd32da6cbf8cea058fca8869e8bf7bf3272f43d09a7b24dc6e821c9aa0e3875dd2959173e704d57568915fa1

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

MITRE ATT&CK Matrix

Tasks