General

  • Target

    745282b0e5b4af2b43bb432793e3f2410efc9953335441da568b2bba572e3408

  • Size

    647KB

  • Sample

    220524-xf7jasdgg5

  • MD5

    cbf2a5ba02724ef9944b3c533472561c

  • SHA1

    da4a6f21206352eb7eb4f63f1ed36cf07a8e9993

  • SHA256

    745282b0e5b4af2b43bb432793e3f2410efc9953335441da568b2bba572e3408

  • SHA512

    f45c83c78a1cb4252b57a141722ebf452115d09c1ebb434e05709577e01401155bd45cc29aea699615477fb21f9ad4b0a27a73d1e41a6b72260281cfe3c8c175
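
Before attaching the extracted configuration above to a case, confirm that the file on your disk is the one this report describes. The script below is an added example, not part of the sandbox report: it recomputes MD5, SHA1, SHA256 and SHA512 of a local file and compares each against the digests listed in this report, reporting every mismatch rather than stopping at the first. The helper names (`digest_bytes`, `verify`, `verify_file`) and the command-line usage are assumptions of the example.

```python
import hashlib
import sys
from pathlib import Path

# Digests exactly as listed in the report's General section.
REPORTED = {
    "md5": "cbf2a5ba02724ef9944b3c533472561c",
    "sha1": "da4a6f21206352eb7eb4f63f1ed36cf07a8e9993",
    "sha256": "745282b0e5b4af2b43bb432793e3f2410efc9953335441da568b2bba572e3408",
    "sha512": (
        "f45c83c78a1cb4252b57a141722ebf452115d09c1ebb434e05709577e01401155"
        "bd45cc29aea699615477fb21f9ad4b0a27a73d1e41a6b72260281cfe3c8c175"
    ),
}


def digest_bytes(data: bytes) -> dict:
    """Compute every algorithm in REPORTED over the given bytes (single pass each)."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED}


def verify(data: bytes, reported: dict = REPORTED) -> dict:
    """Return {algorithm: True/False} for each reported digest.

    All algorithms are checked independently so a partial match (for example
    an attacker-chosen MD5 collision) is visible instead of hidden behind a
    single boolean.
    """
    computed = digest_bytes(data)
    return {name: computed[name] == reported[name].lower() for name in reported}


def verify_file(path) -> dict:
    """Hash a file on disk (read fully; samples here are well under a megabyte)."""
    return verify(Path(path).read_bytes())


if __name__ == "__main__":
    # Hypothetical usage: python verify_sample.py <path-to-sample>
    results = verify_file(sys.argv[1])
    for algo, ok in results.items():
        print(f"{algo:6s} {'match' if ok else 'MISMATCH'}")
    sys.exit(0 if all(results.values()) else 1)
```

The exit status makes the check usable in a triage script: a non-zero exit means the artifact you are holding is not the one whose Zloader configuration is shown below, and the C2 and botnet identifiers must not be attributed to it.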

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    bot5

  • Campaign

    bot5

  • C2

    https://militanttra.at/owg.php

  • Attributes

    • build_id

      11

    • rc4.plain

Targets

    • Target

      745282b0e5b4af2b43bb432793e3f2410efc9953335441da568b2bba572e3408

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain first observed in August 2015.

    • Suspicious use of SetThreadContext
