General

  • Target

    a903d7ee542d137b4e4436cbe87464a2

  • Size

    271KB

  • Sample

    231227-jeha5acegq

  • MD5

    a903d7ee542d137b4e4436cbe87464a2

  • SHA1

    649f450d43751ea2c8daf70d36585cf09b607826

  • SHA256

    ee7fdefd8bc49814f10ef2cfa91fa0b05dabdf24caebbeb025c0ba5159c77d46

  • SHA512

    2b66a246a15be5946d6ae2276943e5dfd7e5b4e158a237ae5f2b7996d1d3c49a457479620d7e108bbf59e3b9f31090656000e7318443807e3ebd045c755daafd

  • SSDEEP

    6144:37oD42N4UoiMe5CKdgY70AI/ChIJJImeat43XTFw8nyog8fAQn5XyaQjY:37oVoiMogYVI/CCImes4HOHoRfAWXyW

Malware Config

Extracted

Family

zloader

Botnet

googleaktualizacija

Campaign

googleaktualizacija2

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

Attributes
  • build_id

    156

  • rc4.plain

  • rsa_pubkey.plain
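The actionable part of the extracted configuration above is the C2 list: ten distinct domains, all using the same /gate.php endpoint. The following Python is an added example written for this page, not code from the sandbox report and not part of Zloader itself; it turns that list into a proxy-log matcher and a set of Suricata rules. The C2 URLs are exactly those the report lists; the proxy log lines and their format (timestamp, client, method, URL, status) are constructed for the demonstration, and the sid range used for the rules is an assumption.

```python
"""Zloader C2 indicators from the report, turned into detection content.

Added example: editor-written, not part of the sandbox report and not
Zloader's own code. The C2 URLs are the ones the report lists; the proxy
log lines are constructed for the demonstration.
"""
import re
from urllib.parse import urlsplit

# C2 URLs exactly as extracted from the sample's configuration.
ZLOADER_C2 = [
    "https://iqowijsdakm.com/gate.php",
    "https://wiewjdmkfjn.com/gate.php",
    "https://dksaoidiakjd.com/gate.php",
    "https://iweuiqjdakjd.com/gate.php",
    "https://yuidskadjna.com/gate.php",
    "https://olksmadnbdj.com/gate.php",
    "https://odsakmdfnbs.com/gate.php",
    "https://odsakjmdnhsaj.com/gate.php",
    "https://odjdnhsaj.com/gate.php",
    "https://odoishsaj.com/gate.php",
]


def c2_hosts(urls=ZLOADER_C2):
    """Lower-cased hostnames of the C2 URLs: the part worth blocking and hunting."""
    return {urlsplit(u).hostname.lower() for u in urls}


def host_matches(host, c2_domains):
    """True if host is a C2 domain or a subdomain of one.

    The suffix test is done on a dot boundary, so 'notiqowijsdakm.com'
    does not match 'iqowijsdakm.com'.
    """
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in c2_domains)


# Constructed proxy log lines: "<timestamp> <client> <method> <url> <status>".
# Invented for the example; not taken from the report.
SAMPLE_PROXY_LOG = """\
2023-12-27T09:41:02Z 10.0.0.15 POST https://iqowijsdakm.com/gate.php 200
2023-12-27T09:41:05Z 10.0.0.15 GET https://www.example.com/ 200
2023-12-27T09:42:10Z 10.0.0.22 POST https://cdn.odsakmdfnbs.com/gate.php 404
2023-12-27T09:43:00Z 10.0.0.31 GET https://notiqowijsdakm.com/index.html 200
2023-12-27T09:44:17Z 10.0.0.15 POST https://yuidskadjna.com/upload 200
"""

LOG_LINE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$"
)


def scan_proxy_log(log_text, urls=ZLOADER_C2):
    """One dict per log line whose host is (a subdomain of) a C2 domain.

    'gate' flags the exact /gate.php path from the config; a hit on the
    domain with another path is still reported, since it is the same
    infrastructure.
    """
    domains = c2_hosts(urls)
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip malformed lines rather than abort the scan
        parts = urlsplit(m["url"])
        if parts.hostname and host_matches(parts.hostname, domains):
            hits.append({
                "ts": m["ts"],
                "client": m["client"],
                "host": parts.hostname,
                "path": parts.path,
                "gate": parts.path == "/gate.php",
            })
    return hits


def suricata_rules(urls=ZLOADER_C2, sid_base=1000001):
    """One Suricata rule per C2 URL: host match plus the /gate.php URI.

    sid_base is an assumed local-rules range; adjust it to your own.
    """
    rules = []
    for i, u in enumerate(sorted(urls)):
        p = urlsplit(u)
        rules.append(
            'alert http $HOME_NET any -> $EXTERNAL_NET any ('
            f'msg:"Zloader C2 {p.hostname}"; flow:established,to_server; '
            f'http.host; content:"{p.hostname}"; nocase; '
            f'http.uri; content:"{p.path}"; '
            f'classtype:trojan-activity; sid:{sid_base + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_PROXY_LOG):
        print(hit)
    print("\n".join(suricata_rules()))
```

Matching on the domain rather than the full URL is deliberate: a client that reaches one of these domains with any path is talking to the sample's infrastructure, and subdomains are matched on a dot boundary so unrelated look-alike names do not trigger. The Suricata rules keep the /gate.php URI as a second condition for a higher-confidence alert; drop the `http.uri` clause if you want the domain-only variant.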

Targets

    • Target

      a903d7ee542d137b4e4436cbe87464a2

    • Size

      271KB

    • MD5

      a903d7ee542d137b4e4436cbe87464a2

    • SHA1

      649f450d43751ea2c8daf70d36585cf09b607826

    • SHA256

      ee7fdefd8bc49814f10ef2cfa91fa0b05dabdf24caebbeb025c0ba5159c77d46

    • SHA512

      2b66a246a15be5946d6ae2276943e5dfd7e5b4e158a237ae5f2b7996d1d3c49a457479620d7e108bbf59e3b9f31090656000e7318443807e3ebd045c755daafd

    • SSDEEP

      6144:37oD42N4UoiMe5CKdgY70AI/ChIJJImeat43XTFw8nyog8fAQn5XyaQjY:37oVoiMogYVI/CCImes4HOHoRfAWXyW

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader (also tracked as Terdot, DELoader and ZeusSphinx) is a banking trojan derived from the leaked Zeus source code; it was first observed in August 2015.
