Extracted

• • Target

    invest_20.dll

  • Size

    453KB

  • MD5

    c9affd7934e4d9b4dec4c40b2a71a381

  • SHA1

    aac940f9906034938cd657ed2ba21bc675e6ae20

  • SHA256

    31cf42b2a7c5c558f44cfc67684cc344c17d4946d3a1e0b2cecb8eb58173cb2f

  • SHA512

    82d18e7815ed38c07ca0b6ec82cb2e30451d0e02a9cd761e1d55d6f05955fac3df303d96bac89dea6dfa3b90def945ca413ae9854dd7b24fbcc18e6c6040f18a

  • SSDEEP

    6144:JWm73CWN0OejuX3VR4YCrqGro3O32YHFhIaA1fjYDr1qhHkmviFJf0:JKGK6Vtiq0UOdFhqLYwP2Jf0

  Score

  10^/10

  zloadergoldhub01.04.20botnetpersistencetrojan

  • Zloader, Terdot, DELoader, ZeusSphinx

    Zloader is a malware strain that was initially discovered back in August 2015.

    trojanbotnetzloader

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2