General

  • Target

    please.dll

  • Size

    482KB

  • Sample

    240123-w2evqsfac3

  • MD5

    e3149d4aa412560c17a6051d94b3960c

  • SHA1

    755154ac9e1c2df88e92d7c17fbaa2e1ec29b9f8

  • SHA256

    c19ccce75b409643dc722848f71132d580641d75432caed49d44aec358972ec7

  • SHA512

    c6c7a211fec2a94feacc62211744108bb55e235cc7ddd3f948a3ccf87c7f32d7ff39b441e4367a675452ffbb744e13cd344bdbb0e60da1c7bfd8ce950cefb7ad

  • SSDEEP

    6144:Bps0ZfRyzpQTM3juL0Fc8HMuThl3iouaNgOGg3jwgL0SR1Tct78gquLs:BpnZZy1zu0C8sutOaNhT4SR1Cgn

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    bot5

  • Campaign

    bot5

  • C2

    https://militanttra.at/owg.php

Attributes
  • build_id

    11

rc4.plain

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was first discovered in August 2015.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks