MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e7f1b2d2601e9a6427a155a3599614c09c9edaae7eb8f10b81e1f3e117717157. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SHA256 hash: e7f1b2d2601e9a6427a155a3599614c09c9edaae7eb8f10b81e1f3e117717157
SHA3-384 hash: 97de2da3028bfd37bf5995f0f1ade2aaa294d9bed98a62c4de31437ec3f2e4044af26c59265e8d064cf8627d11a3521b
SHA1 hash: 403c6a9e7159480ba75f4250f2d946226de92d4b
MD5 hash: a37a8840e9e8d07c73861a1353013ba2
humanhash: winner-johnny-florida-delta
Signature: ZLoader
File size: 592'896 bytes
First seen: 2020-06-30 03:36:52 UTC
Last seen: Never
File type: DLL dll
MIME type: application/x-dosexec
imphash: 7af8fa00ad6b21ee3cbd72c090c0bdaf
ssdeep: 12288:AbQJGj68MhvrWZ0b/lyNLFMpZF6D1+FVoeTmuMsxJWjj7E2K9:AbQJs68+PgNB4v6O1TmMxgjj7nK
TLSH: 6EC49D01B690D138F4FB45B49A76C1ADAA387D605B3488CBB7C52E9F5B246E0ED31713
Reporter: @SecuriteInfoCom


Mail intelligence: No data
# of uploads: 1
# of downloads: 33
Origin country: US
CAPE Sandbox Detection: n/a
CERT.PL MWDB Detection: zloader
ReversingLabs: Status: Malicious
Threat name: Win32.Trojan.Kryptik
First seen: 2020-06-30 03:38:05 UTC
AV detection: 17 of 31 (54.84%)
Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage Score: 10/10
Malware Family: zloader
Tags: trojan botnet family:zloader evasion spyware
VirusTotal: Virustotal results 5.71%

Yara Signatures

Rule name: win_unidentified_023_auto
Author: Felix Bilstein - yara-signator at cocacoding dot com
Description: autogenerated rule brought to you by yara-signator

File information

The table below shows additional information about this malware sample such as delivery method and external references.