General

  • Target

    9092.dll

  • Size

    1.2MB

  • Sample

    220127-zq23nsahf3

  • MD5

    44c23544f1a62380dbd705594905dd32

  • SHA1

    beab91a74563df8049a894d5a2542dd8843553c2

  • SHA256

    6c4e4b3df9dc07fbccc61563533246eed88269a53a95089ccc6bf96b508e15c3

  • SHA512

    1435cb385746b373215cbced504609de72b71e161a59ab773b11873d54ebfc2fbeb9323342ada25f525cfb2f6dbda19e97c65f0e9bc000b1ef0fc28f9ea28b71

Malware Config

Extracted

Family

zloader

Botnet

9092us

Campaign

9092us

C2

Attributes
  • build_id

    157

rc4.plain
rsa_pubkey.plain

Targets

    • Target

      9092.dll

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.
