Overview

overview

10

Static

static

00c1cc0ba6...e3.dll

windows7_x64

1

00c1cc0ba6...e3.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    00c1cc0ba66f03d31042842ba2852c7068735c88be975e14cf711f996226d2e3

  • Size

    1.6MB

  • Sample

    220418-sx6k4sghd3

  • MD5

    e7cdb8bee224974ff5d78c85f53ca40c

  • SHA1

    2ca1aa8088c8be1cce6000b51c4eac286e4d98f6

  • SHA256

    00c1cc0ba66f03d31042842ba2852c7068735c88be975e14cf711f996226d2e3

  • SHA512

    e8b50f0678c5e674195e38ce2508a2006b6d1e523d181970a522be684f499c5d2a30e7035cf496fefbf084cb480d2526f774441d8071168a80bf437a6f442c3e

Score
10/10
zloaderkev28/10botnettrojan

Malware Config

Extracted

Family

zloader

Botnet

kev

Campaign

28/10

C2

https://cheerdak.com/wvje1k.php

https://hkq.cfc.myftpupload.com/fagho1.php

https://puraanvidya.com/tsmo2x.php

https://creatorclick.com/qtvjkv.php

https://tsapparel.com.my/n0by93.php

https://www.wise-network.net/wp-parsing.php

https://logtetuseslo.tk/wp-smarts.php
Attributes
  • build_id

    185

rc4.plain
rsa_pubkey.plain

Targets

    • Target

      00c1cc0ba66f03d31042842ba2852c7068735c88be975e14cf711f996226d2e3

    • Size

      1.6MB

    • MD5

      e7cdb8bee224974ff5d78c85f53ca40c

    • SHA1

      2ca1aa8088c8be1cce6000b51c4eac286e4d98f6

    • SHA256

      00c1cc0ba66f03d31042842ba2852c7068735c88be975e14cf711f996226d2e3

    • SHA512

      e8b50f0678c5e674195e38ce2508a2006b6d1e523d181970a522be684f499c5d2a30e7035cf496fefbf084cb480d2526f774441d8071168a80bf437a6f442c3e

    Score
    10/10
    zloaderkev28/10botnettrojan

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks