zloader | 3260c1e806429a61577901fcdf070a19d150730fbfc12c626279fd032d1b0d30 | Triage

Resubmissions

21-09-2024 20:32

240921-zbf7nascrk 10

Sharing

General

Target

3260c1e806429a61577901fcdf070a19d150730fbfc12c626279fd032d1b0d30
Size

83.1MB
Sample

240921-zbf7nascrk
MD5

5acc6e6e380d83365516fc63a065d984
SHA1

d37938cd1e45c3287c4445f2c4a584c871c9b134
SHA256

3260c1e806429a61577901fcdf070a19d150730fbfc12c626279fd032d1b0d30
SHA512

cd0702d7e50674143f9154ec18ecc189e8dbeb4d5ae5db22309bd8943d3b7e5de9aa2857102d2ac1781c4d1a7f97ebd06558bc944978610074a817b72a897976
SSDEEP

1572864:aHr/xlZ1DRAP6UX4qZ0QaTY5pONinTIXK7hqsAyUhEvpPHjj1:AXTG6KVO4nsayyUmxPH1

Score

10^/10

zloader discovery

Malware Config

Targets

- Target
  
  3260c1e806429a61577901fcdf070a19d150730fbfc12c626279fd032d1b0d30
- Size
  
  83.1MB
- MD5
  
  5acc6e6e380d83365516fc63a065d984
- SHA1
  
  d37938cd1e45c3287c4445f2c4a584c871c9b134
- SHA256
  
  3260c1e806429a61577901fcdf070a19d150730fbfc12c626279fd032d1b0d30
- SHA512
  
  cd0702d7e50674143f9154ec18ecc189e8dbeb4d5ae5db22309bd8943d3b7e5de9aa2857102d2ac1781c4d1a7f97ebd06558bc944978610074a817b72a897976
- SSDEEP
  
  1572864:aHr/xlZ1DRAP6UX4qZ0QaTY5pONinTIXK7hqsAyUhEvpPHjj1:AXTG6KVO4nsayyUmxPH1
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4