zloader | zloader[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

zloader.dll

windows7_x64

1

zloader.dll

windows10-2004_x64

Sharing

Static task

static1

jho 25/03 zloader

Behavioral task

behavioral1

Sample

zloader.dll

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

zloader.dll

Resource

win10v2004-en-20220112

windows10-2004_x64

0 signatures

0 seconds

General

Target

zloader.bin
Size

184KB
MD5

6e652cd4720937ac31e113a4c6496e82
SHA1

599c42dd72c1469120b64470c17efc7d0ece9910
SHA256

c21fbf33fe025c03f38ce6190fd011f01a3e9c03d99acd7648845c28ccbc3777
SHA512

b906150fb492d20a9263b68e700444f8014135d89c6a520c13561cf9d0fe3d83e31980c44a86db87a1671a34e298049acb35e53cffdfe0f69b9cbd96426d97ef
SSDEEP

3072:d6rBh0TNNtenUg5AFm3tfHpD4MX4QcJu4+2ReNUboRt0qwg/:d480UgKm5HpDh4ZJS2RgQoRt0q

Score

10^/10

jho 25/03 zloader

Malware Config

Extracted

Family

zloader

Botnet

Jho

Campaign

25/03

C2

https://wgyvjbse.pw/milagrecf.php

https://botiq.xyz/milagrecf.php

Attributes

build_id
106

rc4.plain

Signatures

Zloader family
zloader

Files

zloader.bin
.dll regsvr32 windows x86

c4a8909c0bccc13eaa9bdf93bacea9e6

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetCurrentProcessId
GetLastError
GetTempPathA

Exports

Exports

DllRegisterServer

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy