Resubmissions

20-01-2022 16:43

220120-t78nwsagc2 10

19-01-2022 12:07

220119-palqmshehq 10

General

  • Target

    us.dll

  • Size

    844KB

  • Sample

    220119-palqmshehq

  • MD5

    ba8812816a3996e9c1efcc2619e54afd

  • SHA1

    7bf1daf34d94a332c5e2a177f6a1a08fcd6d8605

  • SHA256

    934eec008c02c1f626a801341aea72172e4bad99bc7737ab63a0158921e20467

  • SHA512

    a66cf0e8324ee4be30ba4f786f1c9a821726cb52cb7becdabb2b2765cef2c8135bd66ae1be6e448744c7345a8e64e9c35af5560c0a6bffc9b186693ef143ea50

Malware Config

Extracted

Family

zloader

Botnet

9092us

Campaign

9092us

C2


Attributes
  • build_id

    157

rc4.plain
rsa_pubkey.plain

Targets

    • Target

      us.dll


    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

MITRE ATT&CK Matrix

Tasks