ioc[.]one - OSINT Cyber Threat Intelligence Database

[RE026] A Deep Dive into Zloader - the Silent Night

Tags

cmtmf-attack-pattern:	Process Injection
attack-pattern:	Data Botnet - T1583.005 Botnet - T1584.005 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Msiexec - T1218.007 Process Injection - T1631 Python - T1059.006 Regsvr32 - T1218.010 Rundll32 - T1218.011 Software - T1592.002 Process Injection - T1055 Regsvr32 - T1117 Rundll32 - T1085

Show in Graph

Common Information

Type	Value
UUID	3eafa875-c786-41cd-93a5-d21a97ad7738
Fingerprint	8b3833052e2be6d4
Analysis status	DONE
Considered CTI value	0
Text language
Published	April 25, 2022, 5:14 p.m.
Added to db	Oct. 23, 2023, 12:21 a.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	UNKNOWN
Title	[RE026] A Deep Dive into Zloader - the Silent Night
Detected Hints/Tags/Attributes	34/2/32

Source URLs

	Redirection	Url
Details	Source	https://blog.vincss.net/2022/04/re026-a-deep-dive-into-zloader-the-silent-night-vie.html

URL Provider

Details	Provider	Source level domain
Details	vincss.net	blog.vincss.net

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	71	✔	—	https://blog.vincss.net/feeds/posts/default?alt=rss	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	911	any.run
Details	File	269	msiexec.exe
Details	File	748	kernel32.dll
Details	File	291	user32.dll
Details	File	533	ntdll.dll
Details	File	69	shlwapi.dll
Details	File	53	iphlpapi.dll
Details	File	50	urlmon.dll
Details	File	130	ws2_32.dll
Details	File	83	crypt32.dll
Details	File	185	shell32.dll
Details	File	229	advapi32.dll
Details	File	33	gdiplus.dll
Details	File	76	gdi32.dll
Details	File	86	ole32.dll
Details	File	34	psapi.dll
Details	File	16	cabinet.dll
Details	File	15	imagehlp.dll
Details	File	59	netapi32.dll
Details	File	41	wtsapi32.dll
Details	File	45	mpr.dll
Details	File	146	wininet.dll
Details	File	37	userenv.dll
Details	File	52	bcrypt.dll
Details	File	1018	rundll32.exe
Details	File	459	regsvr32.exe
Details	File	1	myresume.xls
Details	md5	1	9b5589fcd123a3533584a62956f2231b
Details	sha256	1	034f61d86de99210eb32a2dca27a3ad883f54750c46cdec4fcc53050b2f716eb
Details	Url	1	https://any.run/malware-trends/zloader
Details	Windows Registry Key	22	HKEY_CURRENT_USER\Software\Microsoft
Details	Windows Registry Key	582	HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run