General

  • Target

    8a99e00787a6de9c2530408d1aa67add.bin

  • Size

    179KB

  • Sample

    240204-cfd7jahdcr

  • MD5

    8a99e00787a6de9c2530408d1aa67add

  • SHA1

    e4720f269c21c4eb70d35a2da0ef6ff72bb6b712

  • SHA256

    79e78ebdec386be81e8f993d7701e131bc4c6c12419c3e9ee9c9d612f3cf05fe

  • SHA512

    18a69219c3906d901d3e98ba9f3526e77a479957c6f051476e8971bd474897c5bd281bb140bb6b3a6ad1f301fd0c881302fcb742caa161dd654498021a969d5b

  • SSDEEP

    3072:f8gr4mCKrL6VLjzPw9OentmnietlDin53uw5y1xefp4nHPCJhfmm6j1PNj/sJEFW:f8um/LXI9tQT7Di5+w4mfQK6jdNj/WEs

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    tim

  • Campaign

    tim

  • C2

    https://iqowijsdakm.com/gate.php
    https://wiewjdmkfjn.com/gate.php
    https://dksaoidiakjd.com/gate.php
    https://iweuiqjdakjd.com/gate.php
    https://yuidskadjna.com/gate.php
    https://olksmadnbdj.com/gate.php
    https://odsakmdfnbs.com/gate.php
    https://odsakjmdnhsaj.com/gate.php
    https://odjdnhsaj.com/gate.php
    https://odoishsaj.com/gate.php

  • Attributes

    build_id: 157
    rc4.plain
    rsa_pubkey.plain

Targets

    • Target

      8a99e00787a6de9c2530408d1aa67add.bin

    • Size

      179KB

    • MD5

      8a99e00787a6de9c2530408d1aa67add

    • SHA1

      e4720f269c21c4eb70d35a2da0ef6ff72bb6b712

    • SHA256

      79e78ebdec386be81e8f993d7701e131bc4c6c12419c3e9ee9c9d612f3cf05fe

    • SHA512

      18a69219c3906d901d3e98ba9f3526e77a479957c6f051476e8971bd474897c5bd281bb140bb6b3a6ad1f301fd0c881302fcb742caa161dd654498021a969d5b

    • SSDEEP

      3072:f8gr4mCKrL6VLjzPw9OentmnietlDin53uw5y1xefp4nHPCJhfmm6j1PNj/sJEFW:f8um/LXI9tQT7Di5+w4mfQK6jdNj/WEs

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered in August 2015.

MITRE ATT&CK Matrix

Tasks