Overview

overview

10

Static

static

3

041ebd5547...18.dll

windows7-x64

10

041ebd5547...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    041ebd55472e90b6539ed5d520c01f99_JaffaCakes118

  • Size

    648KB

  • Sample

    240428-cb55fsdf37

  • MD5

    041ebd55472e90b6539ed5d520c01f99

  • SHA1

    94cd854b532681dfce63dcd26275ffe735c2cfc2

  • SHA256

    dbe9477ae91c832c2f8749829b9300435efda9299c6dd2b1bd06d49452083827

  • SHA512

    371e5d64c9857b5c417a1080f97911a24c0001d60a989052bafe336264b1a858304f7abb1944de6d799e5e8019c78c32e58103d64dc32ee731cd14e2e33856d7

  • SSDEEP

    12288:ftFeHgffXM9vO6Ca7urSHjoPmWnj+AtPQZwGWXzwjGFiJEvSm6l:fxffXMD7urYinnjvteJWXZievSHl

Score
10/10
zloadermiguel10/04botnettrojan

Malware Config

Extracted

Family

zloader

Botnet

miguel

Campaign

10/04

C2

https://gynrhcoe.pw/wp-config.php

https://wlqaqife.icu/wp-config.php
Attributes
  • build_id

    142

rc4.plain

Targets

    • Target

      041ebd55472e90b6539ed5d520c01f99_JaffaCakes118

    • Size

      648KB

    • MD5

      041ebd55472e90b6539ed5d520c01f99

    • SHA1

      94cd854b532681dfce63dcd26275ffe735c2cfc2

    • SHA256

      dbe9477ae91c832c2f8749829b9300435efda9299c6dd2b1bd06d49452083827

    • SHA512

      371e5d64c9857b5c417a1080f97911a24c0001d60a989052bafe336264b1a858304f7abb1944de6d799e5e8019c78c32e58103d64dc32ee731cd14e2e33856d7

    • SSDEEP

      12288:ftFeHgffXM9vO6Ca7urSHjoPmWnj+AtPQZwGWXzwjGFiJEvSm6l:fxffXMD7urYinnjvteJWXZievSHl

    Score
    10/10
    zloadermiguel10/04botnettrojan

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks