General

  • Target: 2f96c155ca7d4984430d0aa0af64689d761e875ccb35dd9d88fb95c48dae1db3
  • Size: 570KB
  • Sample: 220503-zsncascef8
  • MD5: 57e3573aaef04bd0f8eab25b091ddcdc
  • SHA1: 8a76299387642ec81e848234b97a486ff47b4beb
  • SHA256: 2f96c155ca7d4984430d0aa0af64689d761e875ccb35dd9d88fb95c48dae1db3
  • SHA512: 7bc763465ae72e7a69ac58f398354901728d82ae97d95eda9069c1f0ba35061e9ce250c723b96ab69049d48e915bbed6083fc49a9bf8c8210ff0e9dbaf6ec5af

Malware Config

Extracted

  • Family: zloader
  • Botnet: divader
  • Campaign: poll
  • C2:
    https://fqnceas.su/gate.php
    https://fqlocpeas.ru/gate.php
    https://dksaiijn.ru/gate.php
    https://dksafjasnf.su/gate.php
    https://fjsafasfsa.ru/gate.php
    https://fjskoijafsa.ru/gate.php
    https://kochamkkkras.ru/gate.php
    https://uookqihwdid.ru/gate.php
    https://iqowijsdakm.ru/gate.php
    https://wiewjdmkfjn.ru/gate.php

Attributes

  • build_id: 128
  • rc4.plain
  • rsa_pubkey.plain

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

MITRE ATT&CK Matrix

Tasks