zloader | bd4ed965fbab660df571953482137e91a5af1a23c8a471b583d87e65266f64b2 | Triage

Submit
Reports

Overview

overview

Static

static

Skype-8.88.0.401.exe

windows7-x64

Skype-8.88.0.401.exe

windows10-2004-x64

8

Sharing

General

Target

Skype-8.88.0.401.exe
Size

84.6MB
Sample

220927-qh2bqsefdr
MD5

a354d5d832f5a63c996be3ba24f3793c
SHA1

0eeabbd3654bcb95615ede909eca7f1d8cb1465e
SHA256

bd4ed965fbab660df571953482137e91a5af1a23c8a471b583d87e65266f64b2
SHA512

f745d04cae393227b344c4fe4ba1d9bdc36058527c1621fd38d19ccc6bdeb15dd4251e66e6db9a88ec41dd59ddf3de357920e58980ca089119416d92c9fc90fc
SSDEEP

1572864:KuEsMZ2eMCgMHNRZzU9P9X6TalSU3OTW+CnamF+U4wYVcnywmh0yyHXFK9auqj:KeM0MNQ6Ty3a3CT+amdwq0yyHXFoqj

Score

10^/10

zloader botnet discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

Skype-8.88.0.401.exe

Resource

win7-20220812-en

zloader botnet discovery trojan

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

Skype-8.88.0.401.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  Skype-8.88.0.401.exe
- Size
  
  84.6MB
- MD5
  
  a354d5d832f5a63c996be3ba24f3793c
- SHA1
  
  0eeabbd3654bcb95615ede909eca7f1d8cb1465e
- SHA256
  
  bd4ed965fbab660df571953482137e91a5af1a23c8a471b583d87e65266f64b2
- SHA512
  
  f745d04cae393227b344c4fe4ba1d9bdc36058527c1621fd38d19ccc6bdeb15dd4251e66e6db9a88ec41dd59ddf3de357920e58980ca089119416d92c9fc90fc
- SSDEEP
  
  1572864:KuEsMZ2eMCgMHNRZzU9P9X6TalSU3OTW+CnamF+U4wYVcnywmh0yyHXFK9auqj:KeM0MNQ6Ty3a3CT+amdwq0yyHXFoqj
Score

10^/10

zloader botnet discovery trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

zloaderbotnetdiscoverytrojan

behavioral2

© 2018-2024

Terms | Privacy