Zloader Learns Old Tricks
TLP: WHITE | Zloader | AlienVault | 2024-04-30 | Modified: 2024-04-30
Zloader (a.k.a. Terdot, DELoader, or Silent Night) is a modular trojan based on leaked ZeuS source code. Zloader has continued to evolve since its resurrection around September 2023 after an almost two-year hiatus. The latest version, 2.4.1.0, introduces a feature that prevents execution on any machine other than the one originally infected. This anti-analysis technique was present in the original ZeuS 2.X code but was implemented differently.
Indicators of Compromise (8)