zloader | 049d162b68a4c2ebbc872a0a8805080e5db84cfeb398339c09c4be1617e37451

General

Target

e9679d6f35338721f38ba3af845bf73a_JaffaCakes118
Size

380KB
Sample

241213-cqrwdavqav
MD5

e9679d6f35338721f38ba3af845bf73a
SHA1

a2815a8f4431bb2895672c43c4ef4cb7d8523fe0
SHA256

049d162b68a4c2ebbc872a0a8805080e5db84cfeb398339c09c4be1617e37451
SHA512

379a777e11b1c7a6e499cfd6a00e003ff2c64c6bdec4c6f4170f84e4092ea9e5a392dced381c7d977bc5f8454f1c6aa6548df814e92eaf6effbd6b4c34ece56e
SSDEEP

6144:jqd6MJqQSsZobqW4ajIj620+8IAirYtAGOzPu6zX2ws5TGGUvC:jqlqQSdyrG5+8IA0YaGOzXXts5iGUq

Score

10^/10

Malware Config

Extracted

Family

zloader

Botnet

vasja

Campaign

vasja

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

Attributes

build_id
157

rc4.plain

rsa_pubkey.plain

Targets

- Target
  
  e9679d6f35338721f38ba3af845bf73a_JaffaCakes118
- Size
  
  380KB
- MD5
  
  e9679d6f35338721f38ba3af845bf73a
- SHA1
  
  a2815a8f4431bb2895672c43c4ef4cb7d8523fe0
- SHA256
  
  049d162b68a4c2ebbc872a0a8805080e5db84cfeb398339c09c4be1617e37451
- SHA512
  
  379a777e11b1c7a6e499cfd6a00e003ff2c64c6bdec4c6f4170f84e4092ea9e5a392dced381c7d977bc5f8454f1c6aa6548df814e92eaf6effbd6b4c34ece56e
- SSDEEP
  
  6144:jqd6MJqQSsZobqW4ajIj620+8IAirYtAGOzPu6zX2ws5TGGUvC:jqlqQSdyrG5+8IA0YaGOzXXts5iGUq
Score

10^/10

zloader vasja vasja botnet discovery trojan
- Zloader family
  zloader
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Zloader family

Zloader, Terdot, DELoader, ZeusSphinx

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2