General
-
Target
cec54379d0c951fbe85b7f678bc3faab29bd9643375825d105a568ba2890abbf
-
Size
804KB
-
Sample
220510-wcn24sgdfq
-
MD5
9d6680e9b0807d476ce0f39ead7f6b2a
-
SHA1
fb65b9487a06464440cf86eb583ee68c34b4bd5d
-
SHA256
cec54379d0c951fbe85b7f678bc3faab29bd9643375825d105a568ba2890abbf
-
SHA512
4e7e93756d1f60ae7a472a80f04760e4b0fafeedcd3c8f83fbf85001cfb96ce96b287eb2f1621f5a68d13de11588b7eef480f047a667438af13816e05f68987e
Malware Config
Extracted
zloader
target1
target1
https://freebreez.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://makaronz.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://ricklick.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://litlblockblack.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://vaktorianpackif.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://hbamefphmqsdgkqojgwe.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://hoxfqvlgoabyfspvjimc.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://yrsfuaegsevyffrfsgpj.com/LKhwojehDgwegSDG/gateJKjdsh.php
-
build_id
71
Targets
-
-
Target
cec54379d0c951fbe85b7f678bc3faab29bd9643375825d105a568ba2890abbf
-
Size
804KB
-
MD5
9d6680e9b0807d476ce0f39ead7f6b2a
-
SHA1
fb65b9487a06464440cf86eb583ee68c34b4bd5d
-
SHA256
cec54379d0c951fbe85b7f678bc3faab29bd9643375825d105a568ba2890abbf
-
SHA512
4e7e93756d1f60ae7a472a80f04760e4b0fafeedcd3c8f83fbf85001cfb96ce96b287eb2f1621f5a68d13de11588b7eef480f047a667438af13816e05f68987e
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Zloader, Terdot, DELoader, ZeusSphinx
Zloader is a malware strain that was initially discovered back in August 2015.
-
Suspicious use of SetThreadContext
-