Overview

overview

10

Static

static

3e3fcbd20c...19.dll

windows7_x64

10

3e3fcbd20c...19.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3e3fcbd20c7c3ab29be624b784fcee54589c78d80b97f3ffba776140b392bc19

  • Size

    561KB

  • Sample

    220205-t4lpysdehr

  • MD5

    5379604500eac848ff6a33c97211cd7b

  • SHA1

    5e3aa59ce244588b4fd2e1ba371c4ff0911adea3

  • SHA256

    3e3fcbd20c7c3ab29be624b784fcee54589c78d80b97f3ffba776140b392bc19

  • SHA512

    c8327321cf305d8079012f5984b9731ea29d7a0274e1cb0faab036c4643ca4172b367a1363b960d5cba4a708fefa947e592d480495c17d6e43016afa55475b70

Score
10/10
zloader08/04botnettrojan

Malware Config

Extracted

Family

zloader

Botnet

08/04

C2

https://kuaxbdkvbbmivbxkrrev.com/wp-config.php

https://hwbblyyrb.pw/wp-config.php
Attributes
  • build_id

    134

rc4.plain

Targets

    • Target

      3e3fcbd20c7c3ab29be624b784fcee54589c78d80b97f3ffba776140b392bc19

    • Size

      561KB

    • MD5

      5379604500eac848ff6a33c97211cd7b

    • SHA1

      5e3aa59ce244588b4fd2e1ba371c4ff0911adea3

    • SHA256

      3e3fcbd20c7c3ab29be624b784fcee54589c78d80b97f3ffba776140b392bc19

    • SHA512

      c8327321cf305d8079012f5984b9731ea29d7a0274e1cb0faab036c4643ca4172b367a1363b960d5cba4a708fefa947e592d480495c17d6e43016afa55475b70

    Score
    10/10
    zloader08/04botnettrojan

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks