General

  • Target: ca.dll
  • Size: 1.7MB
  • Sample: 211207-es72gsage2
  • MD5: ca0376cce08c82a5d4c476c4922c4779
  • SHA1: 99644ab0f8d4dde1eb11b7ff88ebd66b21d73f24
  • SHA256: f0b6c677bac2de611e0866e849cebd64ec5454885fdd7be5bf0c1c5a17846e3a
  • SHA512: 80ad7465be9cfb1e9eabe46e7218c28ffdb71c75b055b9f196f33ac70c3ec80c1e4e9b9ada03d6e4b49415ad1dcea81b2b343df52851f0c2c528131725405813

Malware Config

Extracted

Family

zloader

Botnet

return

Campaign

return

C2


Attributes
  • build_id: 157

rc4.plain
rsa_pubkey.plain

Targets


    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

MITRE ATT&CK Matrix

Tasks