MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 14d333f6817a40cc66251901b630df311dc518be513f3be9e4fc308ab7ff562d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


ZLoader


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 14d333f6817a40cc66251901b630df311dc518be513f3be9e4fc308ab7ff562d
SHA3-384 hash: 0b4b0012ced55be0e42011ec3a2677720a67c3f99128909246bfcd865c83f58306310fea9f826d6fb10ebdf7b610366d
SHA1 hash: a587242db9200982a8a9d8308ce4c020020c6264
MD5 hash: 0d59d38d2ec5c6aa8b14e1ab7e7f0c5c
humanhash: lake-diet-seven-monkey
File name:BAX791109.vbs
Download: download sample
Signature ZLoader
Create hunting rule
File size:1'584'147 bytes
First seen:2020-04-20 22:27:40 UTC
Last seen:Never
File type:Visual Basic Script (vbs) vbs
MIME type:text/plain
ssdeep 12288:OS/r5zeI12pB5rqjI/VnCgj+Gp3mzGC2cXi988JsxT2ah9X:P/BL4p7r2g0ghpWzGwAvJSTf
Threatray 84 similar samples on MalwareBazaar
TLSH A475DE21E6B3A4BF433A2E8C8C14EAE46FE91D576714283CF46D486716583371AB8FD4
Reporter Racco42
Tags:dropper vbs ZLoader

Intelligence

File Origin
# of uploads :
1
# of downloads :
351
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Sanesecurity.Malware.25834.JsHeur.UNOFFICIAL
Create hunting rule

Porcupine.Malware.36555.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
Script-VBS.Trojan.Valyria
Create hunting rule
Status:
Malicious
First seen:
2020-04-20 22:35:46 UTC
File Type:
Text (VBS)
AV detection:
11 of 31 (35.48%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=ctjth5ubpjamyzrfdea3mmg7geo4kgf6ke7tx2pe7qyivn77kywq._file
Verdict:
malicious
Similar samples:
0a529a4059586c60a025c4f646c6ca443488a39263f5f21b897fe7f9373602e8
ZLoader
19f90b17a6bcf1c80551ae576d0949d51df8b8e26437a3a8aa6d5d4d344440c4
ZLoader
1dda49ee9286f6c433dd46056c690d02d2e7dea1f96e01dbe148136891d01bbd
ZLoader
2b5e50bc3077610128051bc3e657c3f0e331fb8fed2559c6596911890ea866ba
ZLoader
4f1b67de033cb3d692e494a0104243edb1504185df21e5086dba1d10d941c12a
ZLoader
69b37a5b3044cb14a9fc32440212f242e52f657b93306f4b90cccc3087ed4773
ZLoader
7af7f0a46e466b448270f959f4e1a3af964d22b609100536703e299d7618bf2d
ZLoader
987bd37601d6a662a35183c0dd766752e57ed9a1090bb0383b082baf4ea8f6c8
ZLoader
e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a
ZLoader
ec9668cae1c65020021d2c633b68286944f1e6b1ddf5183d40ef823607e29cba
ZLoader
+ 74 additional samples on MalwareBazaar
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

ZLoader

Visual Basic Script (vbs) vbs 14d333f6817a40cc66251901b630df311dc518be513f3be9e4fc308ab7ff562d

(this sample)

DLL dll e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a

  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a

Comments