General

  • Target

    be6c43eb0c59b6f752d2c237fccb0e91523e50423057ccf0c17121584bdf3fed

  • Size

    506KB

  • Sample

    220208-12vy6sfef2

  • MD5

    6fc31eeb82459891900975bdf5d7b789

  • SHA1

    5f7717ca5a41d29859327b0341fa8246ec54a936

  • SHA256

    be6c43eb0c59b6f752d2c237fccb0e91523e50423057ccf0c17121584bdf3fed

  • SHA512

    828150dfc6892ab3c6fff0d103aa0b4f4297ce24dabd48354699ad2e6e20ee1dbedc6e8b2bc45a145c91bb8196dd2be6f0a4af382524a04bb8dc0032d2821244

Malware Config

Extracted

Family

zloader

Botnet

googleaktualizacija

Campaign

googleaktualizacija2

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

Attributes
  • build_id

    156

rc4.plain
rsa_pubkey.plain
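The extracted config above is directly usable as a detection artefact. The block below is an added example, not part of the sandbox report: it copies the ten C2 gate URLs and the four file hashes from the config into an IOC matcher, runs it over a handful of constructed proxy-log lines (the Squid-like "timestamp client method url status" layout and the client addresses are assumptions for the demo, not a real capture), and checks an arbitrary byte string against the known hashes. Matching is done on the hostname rather than the full URL because the operator can rotate the path or port without touching the domain.

```python
"""IOC matcher built from the Zloader config on this page.

Added example: C2 URLs and hashes are copied from the report; the proxy log
lines and client IPs below are constructed for the demonstration.
"""
import hashlib
import re
from urllib.parse import urlparse

# C2 gate URLs exactly as extracted from the sample's config.
C2_URLS = [
    "https://iqowijsdakm.com/gate.php",
    "https://wiewjdmkfjn.com/gate.php",
    "https://dksaoidiakjd.com/gate.php",
    "https://iweuiqjdakjd.com/gate.php",
    "https://yuidskadjna.com/gate.php",
    "https://olksmadnbdj.com/gate.php",
    "https://odsakmdfnbs.com/gate.php",
    "https://odsakjmdnhsaj.com/gate.php",
    "https://odjdnhsaj.com/gate.php",
    "https://odoishsaj.com/gate.php",
]

# File hashes of the 506KB sample from the General section.
FILE_HASHES = {
    "md5": "6fc31eeb82459891900975bdf5d7b789",
    "sha1": "5f7717ca5a41d29859327b0341fa8246ec54a936",
    "sha256": "be6c43eb0c59b6f752d2c237fccb0e91523e50423057ccf0c17121584bdf3fed",
    "sha512": "828150dfc6892ab3c6fff0d103aa0b4f4297ce24dabd48354699ad2e6e20ee1d"
              "bedc6e8b2bc45a145c91bb8196dd2be6f0a4af382524a04bb8dc0032d2821244",
}

# Match on the registered host, not the full URL: a changed scheme, port or
# path would otherwise slip past an exact-URL comparison.
C2_HOSTS = frozenset(urlparse(u).hostname for u in C2_URLS)

# Constructed proxy log (assumed layout: "ts client method url status").
# Line 4 uses http on a non-standard port, line 5 is a look-alike host that
# must NOT match.
SAMPLE_PROXY_LOG = """\
1644300001.123 10.0.0.15 POST https://iqowijsdakm.com/gate.php 200
1644300002.456 10.0.0.15 GET https://www.example.com/ 200
1644300003.789 10.0.0.22 POST https://odsakmdfnbs.com/gate.php 404
1644300004.012 10.0.0.22 POST http://iqowijsdakm.com:8080/gate.php 000
1644300005.345 10.0.0.31 GET https://notiqowijsdakm.com/ 200
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+(?P<method>\S+)\s+(?P<url>\S+)\s+(?P<status>\d+)$"
)


def match_proxy_log(log_text):
    """Return one dict per log line whose destination host is a known C2."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # unparsable line: skip rather than guess
        host = urlparse(m["url"]).hostname
        if host in C2_HOSTS:
            hits.append({"ts": m["ts"], "client": m["client"],
                         "method": m["method"], "host": host, "url": m["url"]})
    return hits


def match_file_hash(digest):
    """Return the algorithm name if the hex digest (any case) is the sample, else None."""
    d = digest.strip().lower()
    for algo, known in FILE_HASHES.items():
        if d == known:
            return algo
    return None


def identify_bytes(data):
    """Hash raw bytes with every algorithm in FILE_HASHES and report a match, if any."""
    for algo, known in FILE_HASHES.items():
        if hashlib.new(algo, data).hexdigest() == known:
            return algo
    return None


if __name__ == "__main__":
    for hit in match_proxy_log(SAMPLE_PROXY_LOG):
        print(f"{hit['client']} -> {hit['host']} ({hit['method']} {hit['url']})")
    print(match_file_hash("BE6C43EB0C59B6F752D2C237FCCB0E91523E50423057CCF0C17121584BDF3FED"))
```

Feed `match_proxy_log` real proxy or DNS logs after adjusting `LOG_RE` to the actual layout; the host set and hash table need no change. Hash matching identifies only this exact build (build_id 156); a repacked sample will miss, so treat the hashes as confirmation and the domains as the primary network indicator.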

Targets

    • Target

      be6c43eb0c59b6f752d2c237fccb0e91523e50423057ccf0c17121584bdf3fed

    • Size

      506KB

    • MD5

      6fc31eeb82459891900975bdf5d7b789

    • SHA1

      5f7717ca5a41d29859327b0341fa8246ec54a936

    • SHA256

      be6c43eb0c59b6f752d2c237fccb0e91523e50423057ccf0c17121584bdf3fed

    • SHA512

      828150dfc6892ab3c6fff0d103aa0b4f4297ce24dabd48354699ad2e6e20ee1dbedc6e8b2bc45a145c91bb8196dd2be6f0a4af382524a04bb8dc0032d2821244

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a banking trojan first observed in August 2015; Terdot, DELoader and ZeusSphinx are alternative names for the same family.

MITRE ATT&CK Matrix

Tasks