216.73.217.22

Zloader Learns Old Tricks

· Published 30/04/2024 14:41 · Modified 01/05/2024 23:09

Export JSON

Essential information

Published
30/04/2024 14:41
Modified
01/05/2024 23:09
Tags
anti-analysis python windows registry zeus zloader
Related entities
8 observables, 1 intrusion sets (apt), 20 techniques (mitre), 1 malware

Description

(a.k.a. Terdot, DELoader, or Silent Night) is a modular trojan based on leaked source code. has continued to evolve since its resurrection around September 2023 after an almost two-year hiatus. The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection. This technique was present in the original 2.X code but implemented differently.

Related entities

Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.

Observables (8)

  • gycltda.cl
  • citscale.com
  • adslsdfdsfmo.world
  • eingangfurkunden.digital
  • cba9578875a3e222d502bb6a85898939bb9e8e247d30fcc0d44d83a64919f448
  • b1a6bf93d4ee659db03e51a3765d4d3c2ee3f1b56bd9b701ab5939d63f57d9ee
  • 85b1a980eb8ced59f87cb5dd7702e15d6ca38441c4848698d140ffd37d2b55e6
  • 85962530c71cd31c102853d64a8829f93b63bd1406bdec537b9d8c200f8f0bcc

Intrusion sets (APT) (1)

  • Zloader
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 Published 21/12/2025 03:56 · Modified 21/12/2025 03:56

Techniques (MITRE) (20)

Malware (1)

  • Zloader
    Family
    Published 22/09/2025 19:40 · Modified 22/09/2025 19:40

External references