General
-
Target
d10575ca2708ecce9f773f6c4e64df3be1f32776a651672a062a56fa4376ec0e
-
Size
336KB
-
Sample
220510-yse59ahee3
-
MD5
f3e444d65ca0cc208a5e52feb3c62d5f
-
SHA1
74dbaef27de86dbb30da205243c431c25c38315e
-
SHA256
d10575ca2708ecce9f773f6c4e64df3be1f32776a651672a062a56fa4376ec0e
-
SHA512
c7832350eee29a25f0d2c7eb73bb24a809100dc95fb3bc9cfdb7d51dff9270feb4b8d0700aa0d5d5d7d56a64bacc4182f9c8ff29df8d3e423fd1f710a5fcc13d
Malware Config
Extracted
zloader
SG
SG
https://freebreez.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://makaronz.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://ricklick.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://litlblockblack.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://vaktorianpackif.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://hbamefphmqsdgkqojgwe.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://hoxfqvlgoabyfspvjimc.com/LKhwojehDgwegSDG/gateJKjdsh.php
https://yrsfuaegsevyffrfsgpj.com/LKhwojehDgwegSDG/gateJKjdsh.php
-
build_id
99
Targets
-
-
Target
d10575ca2708ecce9f773f6c4e64df3be1f32776a651672a062a56fa4376ec0e
-
Size
336KB
-
MD5
f3e444d65ca0cc208a5e52feb3c62d5f
-
SHA1
74dbaef27de86dbb30da205243c431c25c38315e
-
SHA256
d10575ca2708ecce9f773f6c4e64df3be1f32776a651672a062a56fa4376ec0e
-
SHA512
c7832350eee29a25f0d2c7eb73bb24a809100dc95fb3bc9cfdb7d51dff9270feb4b8d0700aa0d5d5d7d56a64bacc4182f9c8ff29df8d3e423fd1f710a5fcc13d
Score10/10-
Zloader, Terdot, DELoader, ZeusSphinx
Zloader is a malware strain that was initially discovered back in August 2015.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-