General

  • Target

    545cddce00ecd272ddbce4a78220b79a55961435363f8dee830358802cc9fb7a

  • Size

    1009KB

  • Sample

    211206-274nyaace8

  • MD5

    013503a87d2425c0384a0cf1ef89cfb4

  • SHA1

    eb11ac7e928f1400ff6ac6bc859b79e1edfffd6f

  • SHA256

    545cddce00ecd272ddbce4a78220b79a55961435363f8dee830358802cc9fb7a

  • SHA512

    3810c5a4693f347179b06dfdf12a058e4befeb9840faca118d01734289407695de0a07ca7ee73e9a025a038d60f941af1ddd1a6e9f525591c20bc6e54a117e3b

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    June11

  • Campaign

    June

  • C2

    http://snnmnkxdhflwgthqismb.com/post.php
    http://nlbmfsyplohyaicmxhum.com/post.php
    http://softwareserviceupdater1.com/post.php
    http://softwareserviceupdater2.com/post.php

  • Attributes

    build_id: 151
    rc4.plain
    rsa_pubkey.plain

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain first discovered in August 2015.

    • Blocklisted process makes network request

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks