General

  • Target

    shitting slander.mp4

  • Size

    6.6MB

  • Sample

    241016-xzzyka1ekr

  • MD5

    828c056e04acd9a83e57815943314c4e

  • SHA1

    c5a76db7258b6489702613d8a44487c9a2e66780

  • SHA256

    0051fa06a995e0daaa5d8d3a6aded51a32975cc3b2e5f38b5a45c3847501958e

  • SHA512

    e86ff8a95cd743fd3d5d9c13f0f46ea7828b1e871dfed8823d91ba82b84c774ed1ad37ef2a844cc3dfd3b7b3e4911ce69731d3b3d4947ad37fde5140877cf523

  • SSDEEP

    196608:YstmfvCUlMA+srvnQmtoOBTWcReW4fm11JqzgCkVL2:ayU1+0nQmtXWc0W4fm1H4gCk92

Malware Config

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15