← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
ESET takes part in global operation to disrupt Zloader botnets | WeLiveSecurity
WHITE mohdrennis 2022-04-17 Modified: 2022-04-17
102
IOCs
HIGH VOLUME
Zloader is one of the world’s most dangerous banking trojan families, and ESET researchers have been closely monitoring its activity and evolution since it was announced and advertised in underground forums.
zloaderzbotcobalt strikehodiadinkakyursnifhnlqaophmphladumhognatera agentfigureaitbeset researchcommandesetmicrosoftnovemberrc4 keyjunesilentfebruaryloaderdarksideraccoonaprilteamviewerexecutionandroid
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Zloader Zbot KY NKA ADI HODI Cobalt Strike HOGN ADUM PHL PHM AO HNLQ Ursnif
Indicators of Compromise (7 / 102 total)
All URL CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain email hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 19896a23d7b054625c2f6b1ee1551a0da68ad25cddbb24510a3b74578418e618 SHA256 of 3a80a49efaac5d839400e4fb8f803243fb39a513 2022-04-17
FileHash-SHA256 5da3db74eee74412c1290393a0a0487c63b2c022e57aebcd632f0c3caf23d8bc SHA256 of fa1db6808d4b4d58de6f7798a807dd4bea5b9bf7 2022-04-17
FileHash-SHA256 5f02551d7a9d3021e59c22c84147874e78019417480ed3e792197743fb48c2a0 SHA256 of 30d8ba32daf9e18e9e3ce564fc117a2faf738405 2022-04-17
FileHash-SHA256 950ad539dfc8e16c07d24dbb37ae19daa0b2f32164ba0cb3c81fa7e689f274e1 SHA256 of f3b3cf03801527c24f9059f475a9d87e5392dae9 2022-04-17
FileHash-SHA256 b83a51edb03adbaf47fd133a6d8e3139906d3dc4d70eb06d45f45815db8bbb85 SHA256 of f4879eb2c159c4e73139d1ac5d5c8862af8f1719 2022-04-17
FileHash-SHA256 c3dcb0b174fe9b61f8f20d829f0b05fdf04848fc7087f53b7de1e4d91e8042dd SHA256 of e7d7be1f1fe04f6708efb8f0f258471d856f8f8f 2022-04-17
FileHash-SHA256 f537cfc1c44ea27081e917e92f2909a8a5c81695a7954add30a6e6e4fd22c85f SHA256 of 4858bc02452a266ea3e1a0dd84a31fa050134fb8 2022-04-17
References (1)
↗ https://www.welivesecurity.com/2022/04/13/eset-takes-part-global-operation-disrupt-zloader-botnets/