Resubmissions

21-01-2025 16:49

250121-vbpftatkax 10

20-11-2024 13:25

241120-qn3rraxblf 3

General

  • Target

    f1a9ef13784ba05628c12decbbe44e7708793d1a707f9fbc2475c42e1ec2cb7d.exe

  • Size

    460KB

  • MD5

    ab47ad5d78dcb05d90ddb00a482d3a1e

  • SHA1

    fc8d7677842c365eab288314b60f31bdd47a7dd1

  • SHA256

    f1a9ef13784ba05628c12decbbe44e7708793d1a707f9fbc2475c42e1ec2cb7d

  • SHA512

    46a66fe3e779a8c06cc903cc9747230ad35e27a02637374c458ac5d3dd5c87687c5210dc1867339caaaa4be2361c362aa971c67061382b8c46d10ee4d88abad1

  • SSDEEP

    6144:Xc+kUlZndUcgzpK8XOFGEvOcMlZjMR8x40A79uriJJUqy9RznJ/cF:XzrJ2ckXkGEmcMl1sGmuzqynJ/cF

Score
10/10

Malware Config

Extracted

Family

zloader

Botnet

Penta2

Campaign

1.1

C2

https://unitedcommunity.world/

Attributes
  • dns

    https://fordns/corproot/

    dns://ns1.brownswer.com

rsa_pubkey.plain
rc4.hex

Signatures

  • Zloader family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • f1a9ef13784ba05628c12decbbe44e7708793d1a707f9fbc2475c42e1ec2cb7d.exe
    .dll regsvr32 windows:6 windows x64 arch:x64

    c4f79cbcb5ca7cb336f74e191000f730
