General

  • Target

    2d16dbdbbf095cf07cbb0ca6f52b805fbf017b0c17adddcc97501af0744a2249

  • Size

    570KB

  • Sample

    220503-zssxsafbhm

  • MD5

    a0478e894c26cfbed2d863b09415b500

  • SHA1

    353819c00d733c3528c0eddabb4e1d98a037bf12

  • SHA256

    2d16dbdbbf095cf07cbb0ca6f52b805fbf017b0c17adddcc97501af0744a2249

  • SHA512

    e61e63e6df8ab5396b2d20ae812e5a871234c47b91635f3e3ed51d2274ebe2303d0ea974fe4253e163217ef1091ff40e9870d1d785bd3503dc959fbd0cad393d

Malware Config

Extracted

Family

zloader

Botnet

divader

Campaign

poll

C2


Attributes
  • build_id

    128

rc4.plain
rsa_pubkey.plain

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain first observed in August 2015.
