zloader | 8e50da51386c2f267afaf1a419e4467d62c01c9704f0e17c4aa188d0c090c8b2

General

Target

d2852a3b2a20846528cec53426fd5f9c_JaffaCakes118
Size

362KB
Sample

240907-wh7reayeqg
MD5

d2852a3b2a20846528cec53426fd5f9c
SHA1

1fa892f9280708e7c82e958bec516bb2b09351f3
SHA256

8e50da51386c2f267afaf1a419e4467d62c01c9704f0e17c4aa188d0c090c8b2
SHA512

247fae9f2c9bdca9d7eb4f44996e7e28d2cd9b7c87ea05a15b72ecb073750c8d9199d585771366687c43d802eb474e9486bb328d2984abeb4aacee62916ca2b6
SSDEEP

6144:X5fVAHOvzY7zHY0Uxen/0TP1a2arz7JjOGG3v2WYXmpHdwpc2:X5wgmY0ZMTZIOGyv2WYWNdI

Score

10^/10

Malware Config

Extracted

Family

zloader

Botnet

kev

Campaign

08/02

C2

https://earfetti.com/post.php

https://evalynews.com/post.php

https://zeistatwalk.tk/post.php

https://spiraninendreamneu.tk/post.php

Attributes

build_id
332

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  d2852a3b2a20846528cec53426fd5f9c_JaffaCakes118
- Size
  
  362KB
- MD5
  
  d2852a3b2a20846528cec53426fd5f9c
- SHA1
  
  1fa892f9280708e7c82e958bec516bb2b09351f3
- SHA256
  
  8e50da51386c2f267afaf1a419e4467d62c01c9704f0e17c4aa188d0c090c8b2
- SHA512
  
  247fae9f2c9bdca9d7eb4f44996e7e28d2cd9b7c87ea05a15b72ecb073750c8d9199d585771366687c43d802eb474e9486bb328d2984abeb4aacee62916ca2b6
- SSDEEP
  
  6144:X5fVAHOvzY7zHY0Uxen/0TP1a2arz7JjOGG3v2WYXmpHdwpc2:X5wgmY0ZMTZIOGyv2WYWNdI
Score

10^/10

zloader kev 08/02 botnet discovery trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Zloader, Terdot, DELoader, ZeusSphinx

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2