Overview

overview

10

Static

static

3

8ef434c30c...67.dll

windows7-x64

10

8ef434c30c...67.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ef434c30c2839f2fd57ba23899c2467

  • Size

    323KB

  • Sample

    240204-mtkatafef5

  • MD5

    8ef434c30c2839f2fd57ba23899c2467

  • SHA1

    949164ad8e01020b4787ec5a560c5be44fd3e8fd

  • SHA256

    9dae20bd687c2e790c928eb9b4989a213b9f23a23211e0a0383e531c04f80e5b

  • SHA512

    64f19ce9e02dcf965565c882f8de28255f68d4989168650b383707609886ccb7b375f654ce325468189d0c9971c3da69d9d19f91a66f473f9bc909e879d98e5b

  • SSDEEP

    6144:p0L/qmFspQg3JQaG9Py6c1K8poXsMsBcBezEXLcrXVO5M0S:KeQg5QaGBy6cA8isMsBOezEb2CM0S

Score
10/10
zloaderivanivanbotnettrojan

Malware Config

Extracted

Family

zloader

Botnet

ivan

Campaign

ivan

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php
Attributes
  • build_id

    157

rc4.plain
rsa_pubkey.plain

Targets

    • Target

      8ef434c30c2839f2fd57ba23899c2467

    • Size

      323KB

    • MD5

      8ef434c30c2839f2fd57ba23899c2467

    • SHA1

      949164ad8e01020b4787ec5a560c5be44fd3e8fd

    • SHA256

      9dae20bd687c2e790c928eb9b4989a213b9f23a23211e0a0383e531c04f80e5b

    • SHA512

      64f19ce9e02dcf965565c882f8de28255f68d4989168650b383707609886ccb7b375f654ce325468189d0c9971c3da69d9d19f91a66f473f9bc909e879d98e5b

    • SSDEEP

      6144:p0L/qmFspQg3JQaG9Py6c1K8poXsMsBcBezEXLcrXVO5M0S:KeQg5QaGBy6cA8isMsBOezEb2CM0S

    Score
    10/10
    zloaderivanivanbotnettrojan

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks