zloader | 9e62cd00483118b0da443e30643f712bd93de44400c80361a369ad5c18128655 | Triage

Sharing

General

Target

9e62cd00483118b0da443e30643f712bd93de44400c80361a369ad5c18128655
Size

561KB
Sample

220205-pfxp4abbh5
MD5

81d69914695f57701740f392a68c7e5d
SHA1

cbc7c6f718473d39c5518e4fa03bdb1af758cbb4
SHA256

9e62cd00483118b0da443e30643f712bd93de44400c80361a369ad5c18128655
SHA512

df925c8fade2548069284d2c3080ab26010b546e8477fb0fe9fccb38c00a1c258423954405f57d82732c4eae9a6f63bb7b11b68242f2afca5ae7c9358151fd43

Score

10^/10

zloader 08/04 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

08/04

C2

https://kuaxbdkvbbmivbxkrrev.com/wp-config.php

https://hwbblyyrb.pw/wp-config.php

Attributes

build_id
134

rc4.plain

Targets

- Target
  
  9e62cd00483118b0da443e30643f712bd93de44400c80361a369ad5c18128655
- Size
  
  561KB
- MD5
  
  81d69914695f57701740f392a68c7e5d
- SHA1
  
  cbc7c6f718473d39c5518e4fa03bdb1af758cbb4
- SHA256
  
  9e62cd00483118b0da443e30643f712bd93de44400c80361a369ad5c18128655
- SHA512
  
  df925c8fade2548069284d2c3080ab26010b546e8477fb0fe9fccb38c00a1c258423954405f57d82732c4eae9a6f63bb7b11b68242f2afca5ae7c9358151fd43
Score

10^/10

zloader 08/04 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloader08/04botnettrojan

behavioral2