General

  • Target

    080d85b4fb230f61157fdde662290742adbd105888a575cdc692c3938376e48a

  • Size

    225KB

  • Sample

    220201-m3szbadgb3

  • MD5

    c0a3c069a94b35620fc210e4b68b4f01

  • SHA1

    e8b3ec66c28dedaa18b968bcd267a2c912a92e87

  • SHA256

    080d85b4fb230f61157fdde662290742adbd105888a575cdc692c3938376e48a

  • SHA512

    5bd77b40aaf46cb96c94562585b5bb0fb86e9a80d842c8e36e3c032c0d7c55cecf3aca9168df49bcc43039ccebc12a81af6dd1748962a0ae42d10c28bd6448f6

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    main

  • Campaign

    2020-06-15

  • C2

    https://matarlod.org/web/data
    https://datearoc.org/web/data
    https://rechnecy.org/web/data
    https://ramissal.org/web/data
    https://raidesci.org/web/data
    https://glartrot.org/web/data
    https://revenapo.org/web/data
    https://brenonip.org/web/data

  • Attributes

    build_id: 7
    rc4.plain
    rsa_pubkey.plain

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

    • Suspicious use of SetThreadContext
