General

  • Target

    4a9cfd8221644b4405bd77cbde8623e55199e50f315ba1ac9c696e75d04e3ece

  • Size

    1.1MB

  • Sample

    220213-fbybdseac5

  • MD5

    d4c65c56fa4bc016c835310778682dd8

  • SHA1

    dfd390331c9f0de6c9681466c09e46feff88e7bb

  • SHA256

    4a9cfd8221644b4405bd77cbde8623e55199e50f315ba1ac9c696e75d04e3ece

  • SHA512

    bdcacb45eb4b2d25ae6c3630e2c2442c843c4688db3be12850d8ff255f29dafda8292e709a9d180938a5e210cac5248d60a951cfe7265f36f596b846af334e8d

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    Jho

  • Campaign

    25/05

  • C2

    https://tentrhetarav.gq/wp-parser.php
    https://slidirinisprec.ml/wp-parser.php
    https://iedison.vip/wp-parser.php
    https://financiallifecoaching.com/wp-parser.php
    https://fly2go.cn/wp-parser.php

  • Attributes

    build_id: 230

    rc4.plain

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

    • Suspicious use of SetThreadContext
