Overview

overview

10

Static

static

TeraBox_1.12.5.8.exe

windows7-x64

10

TeraBox_1.12.5.8.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    TeraBox_1.12.5.8.exe

  • Size

    79.6MB

  • Sample

    221230-f5412aac7y

  • MD5

    307ecfb9554db41fd38711f3896275e9

  • SHA1

    562f88a68415dcff6ed771bce542071cf745e6d6

  • SHA256

    adfc360f409f6d91f405ee2f523a65ef53f2fab23df62627ef610bc47ca9c4fa

  • SHA512

    d5570a69103522bb2e541173a1c8ff43737d353dc76ba9ac896b6f55fc112976a8cbf7797c6924aec161b150e616d2c69df3de472664dd48e426a7d96a9cf20b

  • SSDEEP

    1572864:oJrltsdCBfCio2l2y+g3xkGcsQ492KW9tyTzIUjaOA1S1o23q2+XmFg:ylqmfYOrxVce92KCKIUj5bk2g

Score
10/10
zloaderbotnetdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      TeraBox_1.12.5.8.exe

    • Size

      79.6MB

    • MD5

      307ecfb9554db41fd38711f3896275e9

    • SHA1

      562f88a68415dcff6ed771bce542071cf745e6d6

    • SHA256

      adfc360f409f6d91f405ee2f523a65ef53f2fab23df62627ef610bc47ca9c4fa

    • SHA512

      d5570a69103522bb2e541173a1c8ff43737d353dc76ba9ac896b6f55fc112976a8cbf7797c6924aec161b150e616d2c69df3de472664dd48e426a7d96a9cf20b

    • SSDEEP

      1572864:oJrltsdCBfCio2l2y+g3xkGcsQ492KW9tyTzIUjaOA1S1o23q2+XmFg:ylqmfYOrxVce92KCKIUj5bk2g

    Score
    10/10
    zloaderbotnetdiscoverypersistencetrojan

    • Modifies system executable filetype association

      persistence

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader

    • Executes dropped EXE

    • Registers COM server for autorun

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks