MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ca755b8915cb1025b4b5748e12cd7d3cbdccbcf90fd5986c911b066043d6d136. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: ca755b8915cb1025b4b5748e12cd7d3cbdccbcf90fd5986c911b066043d6d136
SHA3-384 hash: 4e5901f340e74fde3f067db9a2af6e8e90de588283ac650b1add72354074b03bf66a7fd626f6ef9149a6d90b094f3355
SHA1 hash: c3dce7311306f98f78c96b7a1af4f44df3583095
MD5 hash: 8eadf95159003d1eb5609a57444d9aa9
humanhash: massachusetts-ink-bravo-north
File name: SecuriteInfo.com.RDML.DpsH1LBgrxgJWYTghsHC1w.19203
Signature: ZLoader
File size: 592'896 bytes
First seen: 2020-06-29 23:57:04 UTC
Last seen: Never
File type: DLL
MIME type: application/x-dosexec
imphash 7af8fa00ad6b21ee3cbd72c090c0bdaf
ssdeep 12288:AbQJGj68ZhvrWZ0b/lyNLFMpZF6D1+FVoeTmuMsxJWjj7E2K9:AbQJs68TPgNB4v6O1TmMxgjj7nK
TLSH 92C49D01B690D138F4FB45B49A76C1ADAA387D605B3488CBB7C52E9F5B246E0ED31713
Reporter: @SecuriteInfoCom
Tags: ZLoader

Intelligence


Mail intelligence: No data
# of uploads: 1
# of downloads: 29
Origin country: US
CAPE Sandbox Detection: n/a
Link: https://www.capesandbox.com/analysis/16743/
ClamAV: SecuriteInfo.com.RDML.DpsH1LBgrxgJWYTghsHC1w.19203.UNOFFICIAL
ClamAV: PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB Detection: zloader
Link: https://mwdb.cert.pl/sample/ca755b8915cb1025b4b5748e12cd7d3cbdccbcf90fd5986c911b066043d6d136/
ReversingLabs Status: Malicious
Threat name: Win32.Trojan.Kryptik
First seen: 2020-06-29 20:15:28 UTC
AV detection: 14 of 31 (45.16%)
Threat level: 2/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage Score: 10/10
Malware Family: zloader
Link: https://tria.ge/reports/200629-2yxnl9dy5j/
Tags: trojan botnet family:zloader evasion spyware
VirusTotal: Virustotal results 2.78%

Yara Signatures


Rule name: win_unidentified_023_auto
Author: Felix Bilstein - yara-signator at cocacoding dot com
Description: autogenerated rule brought to you by yara-signator

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Distributed via web download
