Extracted

• • Target

    fffd7bc61eb5b9759a97699efdf9455b76d9e198b87d75ebdb8a2fa2a4a08306

  • Size

    408KB

  • MD5

    2fa4f74d7a863c65769becdb7e81a752

  • SHA1

    3797c53fc81d27f6e4ef041323bb6c8d38888b88

  • SHA256

    fffd7bc61eb5b9759a97699efdf9455b76d9e198b87d75ebdb8a2fa2a4a08306

  • SHA512

    e11cb310ec51b24b274434b0ec08f4ec1d7f8e6b2753fa2d89cf51c49b0511ea25d4b0a5750d68f6b0f28840ac67ce9e02eb039b12e729c66ae11786834cc1bf

  Score

  10^/10

  zloadermiguel21/04botnettrojanpersistence

  • Zloader, Terdot, DELoader, ZeusSphinx

    Zloader is a malware strain that was initially discovered back in August 2015.

    trojanbotnetzloader

  • Sets service image path in registry

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2