General

  • Target

    c039b76a0535b32bb74b35876dd2e0c609240c257dca13eba650d8882cf9c8a4

  • Size

    483KB

  • Sample

    211128-z1nm2aaffl

  • MD5

    7ae6927c1ad8cf4c07ac407daf97e291

  • SHA1

    85d0ab8066924c64d7a7b0bcfd60d6a5c972906c

  • SHA256

    c039b76a0535b32bb74b35876dd2e0c609240c257dca13eba650d8882cf9c8a4

  • SHA512

    7ff84628f74bc1d2c6733bd1f723fd4c55d173c4615522f008172aae73b97549f8e1125ce5d64e1be639e5f9ff439126bca4da5eb03261bb47af75ec76dfc3de

Malware Config

Extracted

Family

zloader

Botnet

vasja

Campaign

vasja

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

Attributes

  • build_id

    157

  • rc4.plain

  • rsa_pubkey.plain

Targets

    • Target

      c039b76a0535b32bb74b35876dd2e0c609240c257dca13eba650d8882cf9c8a4

    • Size

      483KB

    • MD5

      7ae6927c1ad8cf4c07ac407daf97e291

    • SHA1

      85d0ab8066924c64d7a7b0bcfd60d6a5c972906c

    • SHA256

      c039b76a0535b32bb74b35876dd2e0c609240c257dca13eba650d8882cf9c8a4

    • SHA512

      7ff84628f74bc1d2c6733bd1f723fd4c55d173c4615522f008172aae73b97549f8e1125ce5d64e1be639e5f9ff439126bca4da5eb03261bb47af75ec76dfc3de

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.
