General
-
Target
45f3f5d22895889574eb220c91242129153c6d85374d08665348c3bbe3414543
-
Size
485KB
-
Sample
220520-3rmk6ahdd6
-
MD5
e4a088773d56d0f6e7d1582f100b5137
-
SHA1
5cf878a09b2de0b664467b928ad03453e5c1491e
-
SHA256
45f3f5d22895889574eb220c91242129153c6d85374d08665348c3bbe3414543
-
SHA512
eea5d926f100f5ae136e2ea5c71530ff087349ed89aa069b1cc4490ca8bb0432e1013e953de6c56befd660acd673d388aeef3e9db0ced7cbd4dd71ed432f0f6d
Malware Config
Extracted
zloader
r1
r1
http://bsraotpeiimmrnchcqvr.com/LKhwojehDgwegSDG/gateJKjdsh.php
http://exqnbgauiphxqdeecitw.com/LKhwojehDgwegSDG/gateJKjdsh.php
http://fpbkvirfkfvufpbkvgty.com/LKhwojehDgwegSDG/gateJKjdsh.php
http://hikowojacckxccgglhvy.com/LKhwojehDgwegSDG/gateJKjdsh.php
http://kdrowkrjhrdmbxkthljt.com/LKhwojehDgwegSDG/gateJKjdsh.php
http://nvlmtlisfmcfgimicstx.com/LKhwojehDgwegSDG/gateJKjdsh.php
http://syohvyctqfcgakxepsou.com/LKhwojehDgwegSDG/gateJKjdsh.php
http://wdwrhikolxfwyyhwwfut.com/LKhwojehDgwegSDG/gateJKjdsh.php
-
build_id
17
Targets
-
-
Target
45f3f5d22895889574eb220c91242129153c6d85374d08665348c3bbe3414543
-
Size
485KB
-
MD5
e4a088773d56d0f6e7d1582f100b5137
-
SHA1
5cf878a09b2de0b664467b928ad03453e5c1491e
-
SHA256
45f3f5d22895889574eb220c91242129153c6d85374d08665348c3bbe3414543
-
SHA512
eea5d926f100f5ae136e2ea5c71530ff087349ed89aa069b1cc4490ca8bb0432e1013e953de6c56befd660acd673d388aeef3e9db0ced7cbd4dd71ed432f0f6d
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Zloader, Terdot, DELoader, ZeusSphinx
Zloader is a malware strain that was initially discovered back in August 2015.
-
Suspicious use of SetThreadContext
-