MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 455c21fbac342659cd4b5cc162772117cce60f6b59f04dba0dd4327868a428eb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 455c21fbac342659cd4b5cc162772117cce60f6b59f04dba0dd4327868a428eb
SHA3-384 hash: 207a380b58709d9b004a28e4f990db65e6a3c188c7ef8c6bb22a32162afca78084c24f0fec835bbcee89b9d4549c4b62
SHA1 hash: e48fc7a827613aa62fde4c38d239704bfb6d8b95
MD5 hash: 08dac5157102790bb1c6d3a65660db37
humanhash: ceiling-east-bacon-nineteen
File name: SecuriteInfo.com.Win32.Kryptik.HENB.25036
Signature: ZLoader
File size: 592'896 bytes
First seen: 2020-06-30 02:44:20 UTC
Last seen: 2020-06-30 03:36:53 UTC
File type: DLL (dll)
MIME type: application/x-dosexec
imphash: 7af8fa00ad6b21ee3cbd72c090c0bdaf
ssdeep: 12288:AbQJGj685hvrWZ0b/lyNLFMpZF6D1+FVoeTmuMsxJWjj7E2K9:AbQJs68zPgNB4v6O1TmMxgjj7nK
TLSH: DAC49D01B690D138F4FB45B49A76C1ADAA387D605B3488CBB7C52E9F5B24AE0ED31713
Reporter: @SecuriteInfoCom
Tags: ZLoader

Intelligence


Mail intelligence: No data
# of uploads: 2
# of downloads: 30
Origin country: US

CAPE Sandbox
  Detection: n/a
  Link: https://www.capesandbox.com/analysis/16750/

ClamAV
  SecuriteInfo.com.Win32.Kryptik.HENB.25036.UNOFFICIAL
  PUA.Win.Downloader.Aiis-6803892-0

CERT.PL MWDB
  Detection: zloader
  Link: https://mwdb.cert.pl/sample/455c21fbac342659cd4b5cc162772117cce60f6b59f04dba0dd4327868a428eb/

ReversingLabs
  Status: Malicious
  Threat name: Win32.Trojan.Zload
  First seen: 2020-06-30 02:46:06 UTC
  AV detection: 21 of 31 (67.74%)
  Threat level: 5/5

Spamhaus Hash Blocklist: Malicious file

Hatching Triage
  Score: 10/10
  Malware Family: zloader
  Link: https://tria.ge/reports/200630-mpqlf5s3ka/
  Tags: evasion spyware trojan botnet family:zloader

VirusTotal: Virustotal results 5.71%

Yara Signatures


Rule name: win_unidentified_023_auto
Author: Felix Bilstein - yara-signator at cocacoding dot com
Description: autogenerated rule brought to you by yara-signator

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Source: Web download
Signature: ZLoader
File type: DLL (dll)
SHA256: 455c21fbac342659cd4b5cc162772117cce60f6b59f04dba0dd4327868a428eb (this sample)

Delivery method: Distributed via web download
