loaderbot | 15e909664fdf26f6931b1279a23f34171ee05be7c6a05344bfe57615b9f6eb2f | Triage

Submit
Reports

Overview

overview

Static

static

15e909664f...2f.exe

windows7_x64

15e909664f...2f.exe

windows10-2004_x64

Sharing

General

Target

15e909664fdf26f6931b1279a23f34171ee05be7c6a05344bfe57615b9f6eb2f
Size

16KB
Sample

220609-f9l11saff7
MD5

8171027ea7792c08b7eeb867ea74bb97
SHA1

64d974727efd8bf097b610a71f9e5ccfee36eee0
SHA256

15e909664fdf26f6931b1279a23f34171ee05be7c6a05344bfe57615b9f6eb2f
SHA512

e82af8371e00701441b5be9efa8d1918286e59400172ba52c4b07ff48e9ad1c572aa570ea12694b84d4a763bb4fba8e7f269052293691fd85da7bf273a331632
SSDEEP

384:FqhvzPUmH19GTXjdhj0uujYcV6AUwJFZb:FYrjV9AhYfYcV6Dw9b

Score

10^/10

loaderbot loader miner persistence suricata

Static task

static1

Behavioral task

behavioral1

Sample

15e909664fdf26f6931b1279a23f34171ee05be7c6a05344bfe57615b9f6eb2f.exe

Resource

win7-20220414-en

loaderbot loader miner persistence suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

15e909664fdf26f6931b1279a23f34171ee05be7c6a05344bfe57615b9f6eb2f.exe

Resource

win10v2004-20220414-en

loaderbot loader miner persistence

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

loaderbot

C2

http://danynydany2018.000webhostapp.com/cmd.php

Targets

- Target
  
  15e909664fdf26f6931b1279a23f34171ee05be7c6a05344bfe57615b9f6eb2f
- Size
  
  16KB
- MD5
  
  8171027ea7792c08b7eeb867ea74bb97
- SHA1
  
  64d974727efd8bf097b610a71f9e5ccfee36eee0
- SHA256
  
  15e909664fdf26f6931b1279a23f34171ee05be7c6a05344bfe57615b9f6eb2f
- SHA512
  
  e82af8371e00701441b5be9efa8d1918286e59400172ba52c4b07ff48e9ad1c572aa570ea12694b84d4a763bb4fba8e7f269052293691fd85da7bf273a331632
- SSDEEP
  
  384:FqhvzPUmH19GTXjdhj0uujYcV6AUwJFZb:FYrjV9AhYfYcV6Dw9b
Score

10^/10

loaderbot loader miner persistence suricata
- LoaderBot
  LoaderBot is a loader written in .NET downloading and executing miners.
  loader miner loaderbot
- suricata: ET MALWARE CerberTear Ransomware CnC Checkin
  suricata: ET MALWARE CerberTear Ransomware CnC Checkin
  suricata
- LoaderBot executable
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

loaderbotloaderminerpersistencesuricata

behavioral2

loaderbotloaderminerpersistence

© 2018-2025

Terms | Privacy