General

  • Target

    31d21298c1110a40dd09dcf8030ae081

  • Size

    490KB

  • Sample

    231225-wap7dsffbq

  • MD5

    31d21298c1110a40dd09dcf8030ae081

  • SHA1

    0d73d684595993b2f15c010de12e2b4421a4d8d8

  • SHA256

    b54df4a64b3271f45178a30537934548279e647fcbad2b9bfec836f4e757e5c9

  • SHA512

    4daacc7ce9e823b3e4e199ff3ab5cf4f62bbe15f27686623109f67f51fd7ee1498776ab4bc06300c507c5b0abf6c5a0f89ab76b9947ef5288d74722b53d98999

  • SSDEEP

    12288:h0wWB8CJbSOFJ1wF0YT0DR9WyOGQ2D5s1ss:h0wWXnH1wlGPl/s

Malware Config

Extracted

Family

zloader

Botnet

vasja

Campaign

vasja

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

Attributes

  • build_id

    157

  • rc4.plain

  • rsa_pubkey.plain
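The C2 list, botnet name and build_id above are the actionable part of this extraction. The Python below is an added example, not part of the sandbox report, that turns those values into detection content: it pulls the hostnames out of the C2 URLs, emits one Suricata rule per host keyed on the TLS SNI (the C2 endpoints are HTTPS, so the Host header and the /gate.php path are never visible on the wire without TLS interception, but the hostname is, both in DNS and in the ClientHello), and sweeps a DNS/SNI log for contacts with any C2 host or a subdomain of it. The log format, the log lines and the rule SIDs are assumptions made for this example.

```python
"""Detection content from the Zloader config extracted above.

Added example, not part of the sandbox report.  FAMILY, BOTNET, BUILD_ID and
C2_URLS are the values shown on the page; SAMPLE_LOG, its format and the
Suricata SIDs are constructed/assumed for illustration.
"""
import re
from urllib.parse import urlparse

# Values copied from the extracted config.
FAMILY = "zloader"
BOTNET = "vasja"
BUILD_ID = 157
C2_URLS = [
    "https://iqowijsdakm.com/gate.php",
    "https://wiewjdmkfjn.com/gate.php",
    "https://dksaoidiakjd.com/gate.php",
    "https://iweuiqjdakjd.com/gate.php",
    "https://yuidskadjna.com/gate.php",
    "https://olksmadnbdj.com/gate.php",
    "https://odsakmdfnbs.com/gate.php",
    "https://odsakjmdnhsaj.com/gate.php",
    "https://odjdnhsaj.com/gate.php",
    "https://odoishsaj.com/gate.php",
]

# Constructed log: "<timestamp> <src-ip> dns query <name>" or "... tls sni <name>".
SAMPLE_LOG = """\
2023-12-25T10:01:02Z 10.0.0.15 dns query iqowijsdakm.com
2023-12-25T10:01:03Z 10.0.0.15 tls sni iqowijsdakm.com
2023-12-25T10:02:10Z 10.0.0.22 tls sni www.microsoft.com
2023-12-25T10:03:44Z 10.0.0.31 dns query mail.odjdnhsaj.com
"""

LOG_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?:dns query|tls sni)\s+(?P<host>\S+)$")


def c2_hosts(urls=C2_URLS):
    """Unique C2 hostnames, lowercased, scheme and path stripped, sorted."""
    return sorted({urlparse(u).hostname.lower() for u in urls})


def suricata_rules(urls=C2_URLS, base_sid=1000000):
    """One Suricata rule per C2 host, matching the TLS ClientHello SNI.

    The C2 URLs are HTTPS, so an http.host / http.uri rule would never fire
    on un-intercepted traffic; the SNI is the part that stays in the clear.
    base_sid is an assumed local-rule range.
    """
    rules = []
    for i, host in enumerate(c2_hosts(urls)):
        rules.append(
            f'alert tls $HOME_NET any -> $EXTERNAL_NET any ('
            f'msg:"{FAMILY} botnet {BOTNET} build {BUILD_ID} C2 SNI {host}"; '
            f'flow:established,to_server; tls.sni; content:"{host}"; nocase; '
            f'classtype:trojan-activity; sid:{base_sid + i}; rev:1;)'
        )
    return rules


def match_c2(log_text, urls=C2_URLS):
    """Return every log line whose queried/SNI name is a C2 host or a subdomain of one.

    Suffix matching is done on a label boundary ("." + host) so that a host
    which merely ends in the same characters does not produce a false hit.
    """
    hosts = c2_hosts(urls)
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        host = m["host"].lower().rstrip(".")
        for c2 in hosts:
            if host == c2 or host.endswith("." + c2):
                hits.append({"ts": m["ts"], "src": m["src"], "host": host, "c2": c2})
                break
    return hits


if __name__ == "__main__":
    for rule in suricata_rules():
        print(rule)
    for hit in match_c2(SAMPLE_LOG):
        print(f'{hit["ts"]} {hit["src"]} -> {hit["host"]} (C2 {hit["c2"]})')
```

Feed the rules to a Suricata local.rules file and the sweep to historical DNS or TLS logs; the DNS hits are the ones worth chasing first, since a resolution of a C2 name from a host that should have no business with it is a strong signal even when the TLS session itself was never logged.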

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.
