Overview

overview

10

Static

static

1

entomology.dll

windows7-x64

10

entomology.dll

windows10-2004-x64

10

Resubmissions

09-02-2023 02:28

230209-cyewsaga48 10

09-02-2023 02:18

230209-crm9ksff67 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    アーカイブ.zip

  • Size

    407KB

  • Sample

    230209-cyewsaga48

  • MD5

    a485068b0daccf32769e755e5a9393f6

  • SHA1

    3e2af52c587b32f8fc7765fed0e2aaf169aec7d9

  • SHA256

    e3fba6f1efac5f32c35baf0337c0b951bae84fd5e8e71708405d59610b5de19e

  • SHA512

    ec761ddc3fa070925ca7727a71808c9ee515f9924bcb3f61d6a3e2fad84f5714212a0fc43d2470a9607ab42a98a40b9f994220690a653dca1bf76a9fe4aae55c

  • SSDEEP

    12288:tGZTuOENdG2UIh21dHxp03+HPU9Ar5qRrRDhSQ:cuzodRakPw4qdBj

Score
10/10
zloadermain2020-06-12botnettrojan

Malware Config

Extracted

Family

zloader

Botnet

main

Campaign

2020-06-12

C2

https://matarlod.org/web/data

https://datearoc.org/web/data

https://rechnecy.org/web/data

https://ramissal.org/web/data

https://raidesci.org/web/data

https://glartrot.org/web/data

https://revenapo.org/web/data

https://brenonip.org/web/data
Attributes
  • build_id

    6

rc4.plain
rsa_pubkey.plain

Targets

    • Target

      entomology.srt

    • Size

      225KB

    • MD5

      96874e8ec64976899a1f7b90022f3e43

    • SHA1

      ab33331de0ab0f9dddb2b8eb8e4e8c92b18a9c61

    • SHA256

      badc87166cc28491dcae0164e7dc027aeb4b98eea5f765f776f58d8683cdec6a

    • SHA512

      4e8bccc9fe9d507817f78950388a8726f95a5aafd9a9e192ef9e33871a67cb9d44ff56c4a0c03490c30e2d272ca08ba3819992bc21d810bc3885ac7f4cf5b63b

    • SSDEEP

      3072:XPbq/XSqcbXdOg9gkx/yrNPwwApe6eIDK+C9iKy6K7kDlUzYak6ve432+fGxsN5w:jqKDXdOAgUKXvji7oDvaNm4mSGqe9d

    Score
    10/10
    zloadermain2020-06-12botnettrojan

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks