Zloader Learns Old Tricks
May 1, 2024, 11:09 p.m.
Tags
External References
Description
Zloader (a.k.a. Terdot, DELoader, or Silent Night) is a modular trojan based on leaked ZeuS source code. Zloader has continued to evolve since its resurrection around September 2023 after an almost two-year hiatus. The latest version, 2.4.1.0, introduces a feature that prevents execution on any machine other than the one originally infected. This anti-analysis technique was present in the original ZeuS 2.X code but was implemented differently.
Date
Published: April 30, 2024, 2:41 p.m.
Created: April 30, 2024, 2:41 p.m.
Modified: May 1, 2024, 11:09 p.m.
Indicators
Attack Patterns
Zloader
T1050
T1139
T1543.003
T1542
T1490
T1137
T1059.005
T1027.002
T1059.003
T1059.001
T1572
T1557
T1497
T1105
T1543
T1055
T1027
T1053
T1562
T1059