zloader | cdaca5b6aabd92a7b782c2d7b250cbc1b2ed4c5a78091271f788d58dedcd94f6

General

Target

a9dd9b9eff47af724436e2abdcd5ce6c_JaffaCakes118
Size

485KB
Sample

241127-15tkhssrct
MD5

a9dd9b9eff47af724436e2abdcd5ce6c
SHA1

1a9c9258f0345f5edddd933a7bd15ec42be51f8e
SHA256

cdaca5b6aabd92a7b782c2d7b250cbc1b2ed4c5a78091271f788d58dedcd94f6
SHA512

28af95d398c6311bd593489019be39a23218d64d5236f765c4ecadf43bff07f0ab2aea10413ad7390e3805b09921cdd6c33db734023a6b91a1735125793aea52
SSDEEP

12288:oSOtDj2zB3iGZDhWVw/D0//EwImW70sct029xey5ZgA:qD6F3RYg0T/cy5Zv

Score

10^/10

Malware Config

Extracted

Family

zloader

Botnet

vasja

Campaign

vasja

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

Attributes

build_id
157

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  a9dd9b9eff47af724436e2abdcd5ce6c_JaffaCakes118
- Size
  
  485KB
- MD5
  
  a9dd9b9eff47af724436e2abdcd5ce6c
- SHA1
  
  1a9c9258f0345f5edddd933a7bd15ec42be51f8e
- SHA256
  
  cdaca5b6aabd92a7b782c2d7b250cbc1b2ed4c5a78091271f788d58dedcd94f6
- SHA512
  
  28af95d398c6311bd593489019be39a23218d64d5236f765c4ecadf43bff07f0ab2aea10413ad7390e3805b09921cdd6c33db734023a6b91a1735125793aea52
- SSDEEP
  
  12288:oSOtDj2zB3iGZDhWVw/D0//EwImW70sct029xey5ZgA:qD6F3RYg0T/cy5Zv
Score

10^/10

zloader vasja vasja botnet discovery trojan
- Zloader family
  zloader
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Zloader family

Zloader, Terdot, DELoader, ZeusSphinx

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2