zloader | e3fba6f1efac5f32c35baf0337c0b951bae84fd5e8e71708405d59610b5de19e

Resubmissions

09-02-2023 02:28

230209-cyewsaga48 10

09-02-2023 02:18

230209-crm9ksff67 10

Sharing

Copy URL

Twitter E-mail

General

Target

アーカイブ.zip
Size

407KB
Sample

230209-cyewsaga48
MD5

a485068b0daccf32769e755e5a9393f6
SHA1

3e2af52c587b32f8fc7765fed0e2aaf169aec7d9
SHA256

e3fba6f1efac5f32c35baf0337c0b951bae84fd5e8e71708405d59610b5de19e
SHA512

ec761ddc3fa070925ca7727a71808c9ee515f9924bcb3f61d6a3e2fad84f5714212a0fc43d2470a9607ab42a98a40b9f994220690a653dca1bf76a9fe4aae55c
SSDEEP

12288:tGZTuOENdG2UIh21dHxp03+HPU9Ar5qRrRDhSQ:cuzodRakPw4qdBj

Score

10^/10

Malware Config

Extracted

Family

zloader

Botnet

main

Campaign

2020-06-12

https://matarlod.org/web/data

https://datearoc.org/web/data

https://rechnecy.org/web/data

https://ramissal.org/web/data

https://raidesci.org/web/data

https://glartrot.org/web/data

https://revenapo.org/web/data

https://brenonip.org/web/data

Attributes

build_id
6

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  entomology.srt
- Size
  
  225KB
- MD5
  
  96874e8ec64976899a1f7b90022f3e43
- SHA1
  
  ab33331de0ab0f9dddb2b8eb8e4e8c92b18a9c61
- SHA256
  
  badc87166cc28491dcae0164e7dc027aeb4b98eea5f765f776f58d8683cdec6a
- SHA512
  
  4e8bccc9fe9d507817f78950388a8726f95a5aafd9a9e192ef9e33871a67cb9d44ff56c4a0c03490c30e2d272ca08ba3819992bc21d810bc3885ac7f4cf5b63b
- SSDEEP
  
  3072:XPbq/XSqcbXdOg9gkx/yrNPwwApe6eIDK+C9iKy6K7kDlUzYak6ve432+fGxsN5w:jqKDXdOAgUKXvji7oDvaNm4mSGqe9d
Score

10^/10

zloader main 2020-06-12 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Zloader, Terdot, DELoader, ZeusSphinx

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2