MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0573d56a84aac658edac1e93d08390c1a8378ed2d801b2460ac89a8ef643eb7d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 0573d56a84aac658edac1e93d08390c1a8378ed2d801b2460ac89a8ef643eb7d
SHA3-384 hash: ab2541227fef77a53dffed625d4cf4701ac0cfdfaf6f88adcdcef7575f34ab3a625d5017d3c41f92d071906b8ceec527
SHA1 hash: 97cb4429abb8825772a52edebcbaf06a8f9b5308
MD5 hash: 1bd992ee2bddba2ac275719624e52c05
humanhash: lima-solar-video-william
File name: SecuriteInfo.com.Variant.Zusy.307926.22904.26447
Signature: ZLoader
File size: 592'896 bytes
First seen: 2020-06-30 04:39:07 UTC
Last seen: Never
File type: dll
MIME type: application/x-dosexec
imphash: 7af8fa00ad6b21ee3cbd72c090c0bdaf
ssdeep: 12288:AbQJGj68ghvrWZ0b/lyNLFMpZF6D1+FVoeTmuMsxJWjj7E2K9:AbQJs68yPgNB4v6O1TmMxgjj7nK
TLSH: 46C49D01B690D138F4FB45B49A76C1ADAA387D605B3488CBB7C52E9F5B246E0ED31713
Reporter: @SecuriteInfoCom
Tags: ZLoader

Intelligence


Mail intelligence: No data
# of uploads: 1
# of downloads: 29
Origin country: US
CAPE Sandbox Detection: n/a
Link: https://www.capesandbox.com/analysis/16752/
ClamAV: SecuriteInfo.com.Variant.Zusy.307926.22904.26447.UNOFFICIAL
PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB Detection: zloader
Link: https://mwdb.cert.pl/sample/0573d56a84aac658edac1e93d08390c1a8378ed2d801b2460ac89a8ef643eb7d/
ReversingLabs Status: Malicious
Threat name: Win32.Trojan.Zload
First seen: 2020-06-30 04:41:03 UTC
AV detection: 22 of 31 (70.97%)
Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage Score: 10/10
Malware Family: zloader
Link: https://tria.ge/reports/200630-glkc9w8ycn/
Tags: trojan botnet family:zloader evasion spyware
VirusTotal: Virustotal results 5.80%

Yara Signatures


Rule name: win_unidentified_023_auto
Author: Felix Bilstein - yara-signator at cocacoding dot com
Description: autogenerated rule brought to you by yara-signator

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments