Overview

overview

10

Static

static

3

271680d72e...08.dll

windows7-x64

10

271680d72e...08.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    271680d72e97c7ee7936ffc8e994f708

  • Size

    689KB

  • Sample

    231231-egmamsfhe6

  • MD5

    271680d72e97c7ee7936ffc8e994f708

  • SHA1

    f39d2ed351771f80e3cd9f19a7cd30eee2460e70

  • SHA256

    6435db4782e79e8dd7417aa590b965abf468c5caa9d37ed7aa9467177ad804f7

  • SHA512

    dd03c49996e09a52e1eea57d1388bf194d728f4e5f28527128add9a929857ba783d82c7189794258e8b32394a1fd4334fbefad81bde8dd4bfc798362900d4bfe

  • SSDEEP

    6144:ueyXB/ISOdA5cIEFatAIG1YA4yv4eMOVQZY5Fy8rfjuUeinhnBCh:BGISOd2ftA9YkVoZYPy8rfjuUeinhnB2

Score
10/10
zloaderivanivanbotnettrojan

Malware Config

Extracted

Family

zloader

Botnet

ivan

Campaign

ivan

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php
Attributes
  • build_id

    157

rc4.plain
1
03d5ae30a0bd934a23b6a7f0756aa504
rsa_pubkey.plain
1
-----BEGIN PUBLIC KEY-----
2
MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgH8lq265O2JF4ppogKnQ5oPloJ9n
3
DIZIh5wXL6vve72p5RlYHq42Ui3GRSDMLEsoJRaak7WnNKp1AVop9Qj7f7DEvHZ+
4
jgjeT1axP2rt4FTF4wT4ZDPUDVdmGQhfozluc328jBVLX5HXaYLtEhlI7Hc1Syhk
5
+pXowBVJ8emFjkANAgMBAAE=
6
-----END PUBLIC KEY-----

Targets

    • Target

      271680d72e97c7ee7936ffc8e994f708

    • Size

      689KB

    • MD5

      271680d72e97c7ee7936ffc8e994f708

    • SHA1

      f39d2ed351771f80e3cd9f19a7cd30eee2460e70

    • SHA256

      6435db4782e79e8dd7417aa590b965abf468c5caa9d37ed7aa9467177ad804f7

    • SHA512

      dd03c49996e09a52e1eea57d1388bf194d728f4e5f28527128add9a929857ba783d82c7189794258e8b32394a1fd4334fbefad81bde8dd4bfc798362900d4bfe

    • SSDEEP

      6144:ueyXB/ISOdA5cIEFatAIG1YA4yv4eMOVQZY5Fy8rfjuUeinhnBCh:BGISOd2ftA9YkVoZYPy8rfjuUeinhnB2

    Score
    10/10
    zloaderivanivanbotnettrojan

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.