General
-
Target
SpotifyFullSetup.exe
-
Size
76.3MB
-
Sample
221005-z6lqmaffg6
-
MD5
7e075f3893790bb01af2fb6d72bd38c8
-
SHA1
39043b78163a36d1e1ac43abbc5b189a29c4ad45
-
SHA256
9300b77f4314c8970bc8e3a7407c7b21620e9a8806ffbc20479867bd2b46c4b5
-
SHA512
6f290caec3334712e17e4e7e83a3d4838cad9d7d0c576714704f085cadcb3edc40e3c82c07f9535d570f586e1f08237170c470aaf43588587527bf1be901acb0
-
SSDEEP
1572864:Caw8yEeplS58uIjZ/meoXYz3WE5oUCgojPanpepPdCwsj8NQ+GUUWjrlZsr4oGn0:xhgF6k5D1qa4dCtVuJJZsSKDXt
Malware Config
Targets
-
-
Target
SpotifyFullSetup.exe
-
Size
76.3MB
-
MD5
7e075f3893790bb01af2fb6d72bd38c8
-
SHA1
39043b78163a36d1e1ac43abbc5b189a29c4ad45
-
SHA256
9300b77f4314c8970bc8e3a7407c7b21620e9a8806ffbc20479867bd2b46c4b5
-
SHA512
6f290caec3334712e17e4e7e83a3d4838cad9d7d0c576714704f085cadcb3edc40e3c82c07f9535d570f586e1f08237170c470aaf43588587527bf1be901acb0
-
SSDEEP
1572864:Caw8yEeplS58uIjZ/meoXYz3WE5oUCgojPanpepPdCwsj8NQ+GUUWjrlZsr4oGn0:xhgF6k5D1qa4dCtVuJJZsSKDXt
Score10/10-
Zloader, Terdot, DELoader, ZeusSphinx
Zloader is a malware strain that was initially discovered back in August 2015.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-