General

  • Target: 5192df66d6e6bec165322efcb90687347ded916bceb835c95e3191e735029984
  • Size: 642KB
  • Sample: 211206-271bhsace7
  • MD5: 5708cab401d3a2dbca16c57d40659a5c
  • SHA1: f366e16d4c556e698f2b35c5b64123069d2b6af1
  • SHA256: 5192df66d6e6bec165322efcb90687347ded916bceb835c95e3191e735029984
  • SHA512: 01687a1aba85533a34a56e88a77b4140699c7dfa9e559cb4e5924db2d414d0f762fed84cc842c740234894fdfd2966c406fcd9e7ef7788dc0927f604fa6230aa

Malware Config

Extracted

  • Family: zloader
  • Botnet: googleaktualizacija
  • Campaign: googleaktualizacija1

  • C2


Attributes

  • build_id: 155
  • rc4.plain
  • rsa_pubkey.plain

Targets

  • Zloader, Terdot, DELoader, ZeusSphinx

    Zloader is a malware strain that was first observed in August 2015.
