zloader | 66f49a261b6086dfdd1c3e2a21f7cb746aa35707490cbd64693d66383ba54c64 | Triage

Submit
Reports

Overview

overview

Static

static

66f49a261b...64.dll

windows7-x64

66f49a261b...64.dll

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

66f49a261b6086dfdd1c3e2a21f7cb746aa35707490cbd64693d66383ba54c64.dll

Resource

win7-20220812-en

zloader 04/02 botnet persistence trojan

windows7-x64

6 signatures

600 seconds

Behavioral task

behavioral2

Sample

66f49a261b6086dfdd1c3e2a21f7cb746aa35707490cbd64693d66383ba54c64.dll

Resource

win10v2004-20220812-en

zloader 04/02 botnet persistence trojan

windows10-2004-x64

6 signatures

600 seconds

General

Target

66f49a261b6086dfdd1c3e2a21f7cb746aa35707490cbd64693d66383ba54c64
Size

128KB
MD5

33d2581d7d36acde729ce52c5d106d79
SHA1

48b9cbe0f6922d6c844ab7b7122bc0cd389bf711
SHA256

66f49a261b6086dfdd1c3e2a21f7cb746aa35707490cbd64693d66383ba54c64
SHA512

75acc63cb9c38c0dd3d1759c93f38fc41e62b8853146267b6d80c7b979cf9bf281d3bd44519f1f6a9085d161a4a3d5abc5c71702c914382645e55af3fd6c8770
SSDEEP

3072:f9r5C53D8cD2blVIevrYc/vdDwfYX8D5/x6tT8Wfgpwylb:ft5C53D8ckM6sDW5g6yl

Score

10^/10

04/02 zloader

Malware Config

Extracted

Family

zloader

Botnet

04/02

C2

https://brewaz.club/milagrecf.php

https://buhjike.host/milagrecf.php

Attributes

build_id
49

rc4.plain

Signatures

Zloader family
zloader

Files

66f49a261b6086dfdd1c3e2a21f7cb746aa35707490cbd64693d66383ba54c64
.dll regsvr32 windows x86

318f9d9b26038fd22f8e887bf75745de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetLastError
GetModuleFileNameA
GetTempPathA

Exports

Exports

DllRegisterServer

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy