General

  • Target

    8c2aea7533b037f00030d9743358cbbc

  • Size

    332KB

  • Sample

    240203-m6vx3sfef6

  • MD5

    8c2aea7533b037f00030d9743358cbbc

  • SHA1

    767bf9c758c5f475e940acc72db8eab5a8ff051b

  • SHA256

    4ecf5e2431a785e1173a0c168cbccebde214599fe6f605f7ff70c66df501cc98

  • SHA512

    fe3b327e6ecf6fd38a9d7d0543b592a5997690f868424662d527617194d444d6d8ef4e7da6972cf6df87f5614177970088291d05a00350d921adee27d407dc0a

  • SSDEEP

    6144:u1bce5AMUxly8oYbDl9o0EmScwmp3lwtSBFRe+p1LKvtoMj:WX9cAZYbDl9OBcwmtlESBFfp1ho

Malware Config

Extracted

Family

zloader

Botnet

tim

Campaign

tim

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

Attributes

  • build_id

    157

  • rc4.plain

  • rsa_pubkey.plain
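The extracted configuration above is mostly useful as indicators. The script below, an added example that is not tria.ge's or Zloader's code, turns this report's C2 list and file digests into three things a responder needs on day one: a host blocklist, Suricata rules keyed on the TLS SNI (the C2s are HTTPS, so the /gate.php path is not visible on the wire unless TLS is intercepted), and a hash check for a file recovered from a host. The proxy log lines are constructed for the demo; the Suricata rule syntax assumes Suricata 5.x or later and the SIDs are arbitrary local numbers.

```python
"""Turn the Zloader config and hashes on this page into usable IOCs.

Added example, not tria.ge or Zloader code. The URL list and digests are
copied from the report above; the proxy log lines are constructed.
"""
import hashlib
import re
from urllib.parse import urlparse

# C2 URLs as extracted from the sample's configuration (from the report above)
C2_URLS = [
    "https://iqowijsdakm.com/gate.php",
    "https://wiewjdmkfjn.com/gate.php",
    "https://dksaoidiakjd.com/gate.php",
    "https://iweuiqjdakjd.com/gate.php",
    "https://yuidskadjna.com/gate.php",
    "https://olksmadnbdj.com/gate.php",
    "https://odsakmdfnbs.com/gate.php",
    "https://odsakjmdnhsaj.com/gate.php",
    "https://odjdnhsaj.com/gate.php",
    "https://odoishsaj.com/gate.php",
]

# Digests of the 332KB sample, as listed in the report
SAMPLE_HASHES = {
    "md5": "8c2aea7533b037f00030d9743358cbbc",
    "sha1": "767bf9c758c5f475e940acc72db8eab5a8ff051b",
    "sha256": "4ecf5e2431a785e1173a0c168cbccebde214599fe6f605f7ff70c66df501cc98",
    "sha512": "fe3b327e6ecf6fd38a9d7d0543b592a5997690f868424662d527617194d444d6d8ef4e7da6972cf6df87f5614177970088291d05a00350d921adee27d407dc0a",
}


def c2_hosts(urls=C2_URLS):
    """Sorted, de-duplicated C2 hostnames for a DNS sinkhole or proxy blocklist."""
    return sorted({urlparse(u).hostname.lower() for u in urls})


def suricata_sni_rules(urls=C2_URLS, base_sid=9000001):
    """One Suricata (5.x+) rule per C2 host, matching the TLS SNI of the
    client hello. base_sid is an arbitrary local SID range (assumption)."""
    rules = []
    for i, host in enumerate(c2_hosts(urls)):
        rules.append(
            "alert tls $HOME_NET any -> $EXTERNAL_NET any "
            f'(msg:"Zloader botnet tim C2 TLS SNI {host}"; '
            "flow:established,to_server; "
            f'tls.sni; content:"{host}"; nocase; endswith; '
            f"classtype:trojan-activity; sid:{base_sid + i}; rev:1;)"
        )
    return rules


# Squid-style access log lines, constructed for this example (not real traffic).
# 10.0.0.15 tunnels to two C2 hosts; 10.0.0.22 only fetches a benign page.
PROXY_LOGS = [
    "1706968800.123 245 10.0.0.15 TCP_TUNNEL/200 3412 CONNECT iqowijsdakm.com:443 - HIER_DIRECT/192.0.2.10 -",
    "1706968801.456 120 10.0.0.22 TCP_MISS/200 9821 GET http://www.example.com/index.html - HIER_DIRECT/192.0.2.20 text/html",
    "1706968802.789 310 10.0.0.15 TCP_TUNNEL/200 5120 CONNECT odjdnhsaj.com:443 - HIER_DIRECT/192.0.2.11 -",
]

# Host from either a CONNECT tunnel (HTTPS) or a plain URL (HTTP)
_HOST_RE = re.compile(r"(?:CONNECT\s+|https?://)([^/:\s]+)", re.IGNORECASE)


def match_proxy_logs(lines, urls=C2_URLS):
    """Return (client_ip, host) for every log line that contacts a known C2 host."""
    hosts = set(c2_hosts(urls))
    hits = []
    for line in lines:
        m = _HOST_RE.search(line)
        if not m:
            continue
        host = m.group(1).lower()
        if host in hosts:
            hits.append((line.split()[2], host))
    return hits


def digests(data):
    """Compute the same four digests the report lists, over data."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def verify_hashes(data, expected=SAMPLE_HASHES):
    """Report, per algorithm, whether data matches the listed digest."""
    computed = digests(data)
    return {name: computed[name] == value for name, value in expected.items()}


if __name__ == "__main__":
    print("\n".join(c2_hosts()))
    print("\n".join(suricata_sni_rules()))
    print(match_proxy_logs(PROXY_LOGS))
```

Blocking these ten hosts covers only this build's configuration; Zloader operators rotate C2 domains between builds, so the SNI rules should be regenerated from each newly extracted config rather than treated as a long-lived signature. The digest check is exact-match only; for a near-duplicate (repacked) sample, compare the SSDEEP value listed above with the `ssdeep` tool instead.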

Targets

    • Target

      8c2aea7533b037f00030d9743358cbbc

    • Size

      332KB

    • MD5

      8c2aea7533b037f00030d9743358cbbc

    • SHA1

      767bf9c758c5f475e940acc72db8eab5a8ff051b

    • SHA256

      4ecf5e2431a785e1173a0c168cbccebde214599fe6f605f7ff70c66df501cc98

    • SHA512

      fe3b327e6ecf6fd38a9d7d0543b592a5997690f868424662d527617194d444d6d8ef4e7da6972cf6df87f5614177970088291d05a00350d921adee27d407dc0a

    • SSDEEP

      6144:u1bce5AMUxly8oYbDl9o0EmScwmp3lwtSBFRe+p1LKvtoMj:WX9cAZYbDl9OBcwmtlESBFfp1ho

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader (also tracked as Terdot, DELoader and ZeusSphinx) is a banking trojan and loader derived from the leaked Zeus source code, first observed in August 2015.

MITRE ATT&CK Matrix

Tasks