General

  • Target: 0fe26492c733ffede1ec0d3311fd97d2d78b5ad0812fa6a5b0b1f7b1128c92a7
  • Size: 206KB
  • Sample: 220306-2vxd4ahgak
  • MD5: 0d33efc831e18fcdf7551ffa38525075
  • SHA1: 4df1d85b6485fa060ca195112b1f866a6799c3a9
  • SHA256: 0fe26492c733ffede1ec0d3311fd97d2d78b5ad0812fa6a5b0b1f7b1128c92a7
  • SHA512: e5082f432043101309c5766b2dcb21c41e89b9691066ccbb08e4863d4d8419343cd5adb952947eafd24f5b20a738df45ecf91b9e1ef192d14d8c922bb9504174

Malware Config

Extracted

  • Family: zloader
  • Botnet: CanadaLoads
  • Campaign: Nerino
  • C2:
      https://monanuslanus.com/bFnF0y1r/7QKpXmV3Pz.php
      https://lericastrongs.com/bFnF0y1r/7QKpXmV3Pz.php
      https://hyllionsudks.com/bFnF0y1r/7QKpXmV3Pz.php
      https://crimewasddef.com/bFnF0y1r/7QKpXmV3Pz.php
      https://derekdsingel.com/bFnF0y1r/7QKpXmV3Pz.php
      https://simplereffiret.com/bFnF0y1r/7QKpXmV3Pz.php
      https://regeerscomba.com/bFnF0y1r/7QKpXmV3Pz.php

Attributes

  • build_id: 77
  • rc4.plain
  • rsa_pubkey.plain

Targets

  • Zloader, Terdot, DELoader, ZeusSphinx: Zloader is a malware strain that was initially discovered in August 2015.
