zloader | ee9a7bc5040182746a74e164b886113a45186fe3a1d73c2b0ed6513a6a4514e6 | Triage

Sharing

General

Target

ee9a7bc5040182746a74e164b886113a45186fe3a1d73c2b0ed6513a6a4514e6
Size

499KB
Sample

220524-3h83ssbfg8
MD5

e592861b0a5a38ef5385d1d59c59942b
SHA1

4b1ec6163e0168b3f5a6eccbce042ca9eccabdbc
SHA256

ee9a7bc5040182746a74e164b886113a45186fe3a1d73c2b0ed6513a6a4514e6
SHA512

39839e7ba783c29b63ec3247035c3f4bf4e334229d77ac98df355e313610fcdccb43beb037d802d1f4c08f06a81ae7fc5b54817ea44bb94552e0c83b6861d8e2

Score

10^/10

zloader bot5 bot5 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

bot5

Campaign

bot5

C2

https://militanttra.at/owg.php

Attributes

build_id
11

rc4.plain

Targets

- Target
  
  ee9a7bc5040182746a74e164b886113a45186fe3a1d73c2b0ed6513a6a4514e6
- Size
  
  499KB
- MD5
  
  e592861b0a5a38ef5385d1d59c59942b
- SHA1
  
  4b1ec6163e0168b3f5a6eccbce042ca9eccabdbc
- SHA256
  
  ee9a7bc5040182746a74e164b886113a45186fe3a1d73c2b0ed6513a6a4514e6
- SHA512
  
  39839e7ba783c29b63ec3247035c3f4bf4e334229d77ac98df355e313610fcdccb43beb037d802d1f4c08f06a81ae7fc5b54817ea44bb94552e0c83b6861d8e2
Score

10^/10

zloader bot5 bot5 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloaderbot5bot5botnettrojan

behavioral2

zloaderbot5bot5botnettrojan