Analysis
-
max time kernel
46s -
max time network
156s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
27-04-2022 15:26
General
-
Target
317c75f14d530b9ede2848d70e1bc98b85d37023b5e440471148d90085d233d5.exe
-
Size
207KB
-
MD5
625737c7973577108995ca1ec9716941
-
SHA1
7443adaadffa465a67da70ffc4b30f7a342f8d9c
-
SHA256
317c75f14d530b9ede2848d70e1bc98b85d37023b5e440471148d90085d233d5
-
SHA512
8f98f265da1e464f2ed8729df6da9fa8882c6867be8378bc07f0f4eafbd426ae14f3703dd3175e5ef4ca5621e4078b03436cac3b0aee66339f638330791c1a4b
Malware Config
Extracted
zloader
CanadaLoads
Nerino
https://monanuslanus.com/bFnF0y1r/7QKpXmV3Pz.php
https://lericastrongs.com/bFnF0y1r/7QKpXmV3Pz.php
https://hyllionsudks.com/bFnF0y1r/7QKpXmV3Pz.php
https://crimewasddef.com/bFnF0y1r/7QKpXmV3Pz.php
https://derekdsingel.com/bFnF0y1r/7QKpXmV3Pz.php
https://simplereffiret.com/bFnF0y1r/7QKpXmV3Pz.php
https://regeerscomba.com/bFnF0y1r/7QKpXmV3Pz.php
-
build_id
77
Signatures
-
Zloader, Terdot, DELoader, ZeusSphinx
Zloader is a malware strain that was initially discovered back in August 2015.
Processes
-
C:\Users\Admin\AppData\Local\Temp\317c75f14d530b9ede2848d70e1bc98b85d37023b5e440471148d90085d233d5.exe"C:\Users\Admin\AppData\Local\Temp\317c75f14d530b9ede2848d70e1bc98b85d37023b5e440471148d90085d233d5.exe"1⤵
-
C:\Windows\SysWOW64\msiexec.exemsiexec.exe2⤵
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152KB
-
Filesize
152KB
-
Filesize
8KB
-
Filesize
152KB
-
Filesize
1024KB
-
Filesize
136KB
-
Filesize
552KB