zloader | c19ccce75b409643dc722848f71132d580641d75432caed49d44aec358972ec7 | Triage

Sharing

General

Target

please.dll
Size

482KB
Sample

240123-w2evqsfac3
MD5

e3149d4aa412560c17a6051d94b3960c
SHA1

755154ac9e1c2df88e92d7c17fbaa2e1ec29b9f8
SHA256

c19ccce75b409643dc722848f71132d580641d75432caed49d44aec358972ec7
SHA512

c6c7a211fec2a94feacc62211744108bb55e235cc7ddd3f948a3ccf87c7f32d7ff39b441e4367a675452ffbb744e13cd344bdbb0e60da1c7bfd8ce950cefb7ad
SSDEEP

6144:Bps0ZfRyzpQTM3juL0Fc8HMuThl3iouaNgOGg3jwgL0SR1Tct78gquLs:BpnZZy1zu0C8sutOaNhT4SR1Cgn

Score

10^/10

zloader bot5 bot5 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

bot5

Campaign

bot5

C2

https://militanttra.at/owg.php

Attributes

build_id
11

rc4.plain

Targets

- Target
  
  please.dll
- Size
  
  482KB
- MD5
  
  e3149d4aa412560c17a6051d94b3960c
- SHA1
  
  755154ac9e1c2df88e92d7c17fbaa2e1ec29b9f8
- SHA256
  
  c19ccce75b409643dc722848f71132d580641d75432caed49d44aec358972ec7
- SHA512
  
  c6c7a211fec2a94feacc62211744108bb55e235cc7ddd3f948a3ccf87c7f32d7ff39b441e4367a675452ffbb744e13cd344bdbb0e60da1c7bfd8ce950cefb7ad
- SSDEEP
  
  6144:Bps0ZfRyzpQTM3juL0Fc8HMuThl3iouaNgOGg3jwgL0SR1Tct78gquLs:BpnZZy1zu0C8sutOaNhT4SR1Cgn
Score

10^/10

zloader bot5 bot5 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloaderbot5bot5botnettrojan

behavioral2

zloaderbot5bot5botnettrojan