Overview

overview

10

Static

static

1

TeraBox_sl....6.exe

windows7-x64

10

TeraBox_sl....6.exe

windows10-2004-x64

4

Resubmissions

13-07-2023 14:11

230713-rhjblahh5t 1

03-07-2023 17:25

230703-vy9p9sag31 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    TeraBox_sl_b_1.20.0.6.exe

  • Size

    84.4MB

  • Sample

    230703-vy9p9sag31

  • MD5

    add481fdab5622f0bed9624d0da23bb0

  • SHA1

    9b2ec5159aec9b270fc89b9050ad7b405793bf53

  • SHA256

    a1fb6802f684d5bd1228000987e88bb7bd6ae3230d7b4416466f8585a53d5e49

  • SHA512

    6365891e241679e024e2514ca32a36baacaeaa52c3b2de8a07b6db76c8eb1d40c41061ccd26a6d24bcdabae9ad14552f1bfef54dc3f0f26bc116ca9fd7082577

  • SSDEEP

    1572864:IddPxMVHjdsnIUnVCnvO9cHC/yp3IsxyCUgd/1l5ueG2+q7WgNaWN:6odZUn20cHCmFZtG2+tuzN

Score
10/10
zloaderbotnetdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      TeraBox_sl_b_1.20.0.6.exe

    • Size

      84.4MB

    • MD5

      add481fdab5622f0bed9624d0da23bb0

    • SHA1

      9b2ec5159aec9b270fc89b9050ad7b405793bf53

    • SHA256

      a1fb6802f684d5bd1228000987e88bb7bd6ae3230d7b4416466f8585a53d5e49

    • SHA512

      6365891e241679e024e2514ca32a36baacaeaa52c3b2de8a07b6db76c8eb1d40c41061ccd26a6d24bcdabae9ad14552f1bfef54dc3f0f26bc116ca9fd7082577

    • SSDEEP

      1572864:IddPxMVHjdsnIUnVCnvO9cHC/yp3IsxyCUgd/1l5ueG2+q7WgNaWN:6odZUn20cHCmFZtG2+tuzN

    Score
    10/10
    zloaderbotnetdiscoverypersistencetrojan

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader

    • Adds Run key to start application

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks