Resubmissions

Date (UTC)          Sample              Score
24/01/2025, 13:19   250124-qk14razngs   10
21/01/2025, 16:48   250121-va9qcstnbm   10
17/12/2024, 01:10   241217-bjnppswqdk   3

General

  • Target

    GridCloud.dll

  • Size

    455KB

  • Sample

    250124-qk14razngs

  • MD5

    fcd09874767c2098a6d6670f2eac07e2

  • SHA1

    6f5837fc6b22b4c66aafaf727c0d319241c15e5c

  • SHA256

    3610f213db22a9de07dbbed4fbf6cec78b6dd4d58982c91f3a4ef994b53a8adc

  • SHA512

    3e2824d6fbaa744e3ceb72e0b581ca4ae5069788117f1825b995df274ba89b87ef3c3d22d40b0139242fe10d194e2253d84100611dd1c880815ef6c709e8afa6

  • SSDEEP

    6144:5e2/uO/8i17KZxx/KVb1KC8jZtsTh+se/ntxNKq8IzBgoQ2eKQC5:5hUs7KxxeJqjZtsMDbX1a524

Score
10/10

Malware Config

Extracted

  • Family

    zloader

  • Botnet

    Penta2

  • Campaign

    1.1

  • C2

    https://unitedcommunity.world/

  • Attributes (dns)

    https://fordns/corproot/

    dns://ns1.brownswer.com

rsa_pubkey.plain
rc4.hex

    fdf2fcf4fefbf3f0f1f5f6f5faf6f4fc

Targets

    • Target

      GridCloud.dll

    • Size

      455KB

    • MD5

      fcd09874767c2098a6d6670f2eac07e2

    • SHA1

      6f5837fc6b22b4c66aafaf727c0d319241c15e5c

    • SHA256

      3610f213db22a9de07dbbed4fbf6cec78b6dd4d58982c91f3a4ef994b53a8adc

    • SHA512

      3e2824d6fbaa744e3ceb72e0b581ca4ae5069788117f1825b995df274ba89b87ef3c3d22d40b0139242fe10d194e2253d84100611dd1c880815ef6c709e8afa6

    • SSDEEP

      6144:5e2/uO/8i17KZxx/KVb1KC8jZtsTh+se/ntxNKq8IzBgoQ2eKQC5:5hUs7KxxeJqjZtsMDbX1a524

    Score
    1/10
