Overview

overview

10

Static

static

5e21899606...0d.exe

windows7_x64

10

5e21899606...0d.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5e2189960616b6637d42386859075457ed8698075699085700501a30e856df0d

  • Size

    350KB

  • Sample

    220330-jctalsebhm

  • MD5

    5ffd044223f9ee157d5b09e0430006b2

  • SHA1

    44603ca848affe283f48122d8b1f876f67e751fe

  • SHA256

    5e2189960616b6637d42386859075457ed8698075699085700501a30e856df0d

  • SHA512

    cc6e6af0610944bdc15cce0023e5ec3a993fa3cd7a6b5761d9c146f0cc0e0efa7659dd9342d230c65ecb965fab80fa43abd81799568292da524b8b441dd160d5

Score
10/10
zloadercanadaloadsnerinobotnettrojan

Malware Config

Extracted

Family

zloader

Botnet

CanadaLoads

Campaign

Nerino

C2

https://monanuslanus.com/bFnF0y1r/7QKpXmV3Pz.php

https://lericastrongs.com/bFnF0y1r/7QKpXmV3Pz.php

https://hyllionsudks.com/bFnF0y1r/7QKpXmV3Pz.php

https://crimewasddef.com/bFnF0y1r/7QKpXmV3Pz.php

https://derekdsingel.com/bFnF0y1r/7QKpXmV3Pz.php

https://simplereffiret.com/bFnF0y1r/7QKpXmV3Pz.php

https://regeerscomba.com/bFnF0y1r/7QKpXmV3Pz.php
Attributes
  • build_id

    77

rc4.plain
rsa_pubkey.plain

Targets

    • Target

      5e2189960616b6637d42386859075457ed8698075699085700501a30e856df0d

    • Size

      350KB

    • MD5

      5ffd044223f9ee157d5b09e0430006b2

    • SHA1

      44603ca848affe283f48122d8b1f876f67e751fe

    • SHA256

      5e2189960616b6637d42386859075457ed8698075699085700501a30e856df0d

    • SHA512

      cc6e6af0610944bdc15cce0023e5ec3a993fa3cd7a6b5761d9c146f0cc0e0efa7659dd9342d230c65ecb965fab80fa43abd81799568292da524b8b441dd160d5

    Score
    10/10
    zloadercanadaloadsnerinobotnettrojan

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks