zloader | d10575ca2708ecce9f773f6c4e64df3be1f32776a651672a062a56fa4376ec0e

General

Target

d10575ca2708ecce9f773f6c4e64df3be1f32776a651672a062a56fa4376ec0e
Size

336KB
Sample

220510-yse59ahee3
MD5

f3e444d65ca0cc208a5e52feb3c62d5f
SHA1

74dbaef27de86dbb30da205243c431c25c38315e
SHA256

d10575ca2708ecce9f773f6c4e64df3be1f32776a651672a062a56fa4376ec0e
SHA512

c7832350eee29a25f0d2c7eb73bb24a809100dc95fb3bc9cfdb7d51dff9270feb4b8d0700aa0d5d5d7d56a64bacc4182f9c8ff29df8d3e423fd1f710a5fcc13d

Score

10^/10

zloader sg sg botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

SG

Campaign

SG

C2

https://freebreez.com/LKhwojehDgwegSDG/gateJKjdsh.php

https://makaronz.com/LKhwojehDgwegSDG/gateJKjdsh.php

https://ricklick.com/LKhwojehDgwegSDG/gateJKjdsh.php

https://litlblockblack.com/LKhwojehDgwegSDG/gateJKjdsh.php

https://vaktorianpackif.com/LKhwojehDgwegSDG/gateJKjdsh.php

https://hbamefphmqsdgkqojgwe.com/LKhwojehDgwegSDG/gateJKjdsh.php

https://hoxfqvlgoabyfspvjimc.com/LKhwojehDgwegSDG/gateJKjdsh.php

https://yrsfuaegsevyffrfsgpj.com/LKhwojehDgwegSDG/gateJKjdsh.php

Attributes

build_id
99

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  d10575ca2708ecce9f773f6c4e64df3be1f32776a651672a062a56fa4376ec0e
- Size
  
  336KB
- MD5
  
  f3e444d65ca0cc208a5e52feb3c62d5f
- SHA1
  
  74dbaef27de86dbb30da205243c431c25c38315e
- SHA256
  
  d10575ca2708ecce9f773f6c4e64df3be1f32776a651672a062a56fa4376ec0e
- SHA512
  
  c7832350eee29a25f0d2c7eb73bb24a809100dc95fb3bc9cfdb7d51dff9270feb4b8d0700aa0d5d5d7d56a64bacc4182f9c8ff29df8d3e423fd1f710a5fcc13d
Score

10^/10

zloader sg sg botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Zloader, Terdot, DELoader, ZeusSphinx

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2