General
-
Target
zloader_1.8.0.0.vir
-
Size
3.3MB
-
Sample
200719-k5n696121j
-
MD5
8211a69a3a068265e8b9ab03e4546581
-
SHA1
e4e520c3ae68ab2ed566d1f090ef0dc5c8003b0e
-
SHA256
f6c6a59c54373d9a49e7a5a7aa859d6bda9f5826e4bb652f5898fa78c8748f39
-
SHA512
5b52482d6de03084fcf06c846f59f6455ab3635b80c100d523f48ae780e4f31675948488f00005806416d76c4e056ca87a96d6db7dae9e80d941c2226dbf2075
Static task
static1
Behavioral task
behavioral1
Sample
zloader_1.8.0.0.vir.exe
Resource
win7
Behavioral task
behavioral2
Sample
zloader_1.8.0.0.vir.exe
Resource
win10
Malware Config
Targets
Target
zloader_1.8.0.0.vir
Score 8/10
Blacklisted process makes network request
-
Deletes itself
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-