MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 00a2e100c5f4d7419e6612284e80b5612b080671b50f3ad9442b60e937f87967. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 00a2e100c5f4d7419e6612284e80b5612b080671b50f3ad9442b60e937f87967
SHA3-384 hash: 18a5464bf6e9e6b5d427498979c9589b2f0f271aba6313da891a2714188e630df1ecea1301393d9e3e1f6d91870b3654
SHA1 hash: a596acc431dd9e84ca0eb1c5699fa1ac5381e629
MD5 hash: 74483bc98982a9eb86823cc643edd939
humanhash: two-table-august-earth
File name: zloader 2_1.0.7.0.vir
Signature: ZLoader
File size: 432'128 bytes
First seen: 2020-07-19 16:48:42 UTC
Last seen: 2020-07-19 19:12:03 UTC
File type: DLL dll
MIME type: application/x-dosexec
imphash: fdb0b8944194990b2bf76864ccccf76d
ssdeep: 12288:yClc4hq+Ytln3+YzGKBTpJHtvgqYe7S9S:Tlc4kBlnOabpFtGgS0
TLSH: E994BED17640E4B7E107A7BD6D02CAE4CAD2A5591F23A18BB0FD277F83313AA1135687
Reporter: @tildedennis
Tags: ZLoader zloader 2


Twitter
@tildedennis
zloader 2 version 1.0.7.0

Intelligence


File Origin
# of uploads: 3
# of downloads: 17
Origin country: US
Mail intelligence: No data
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:
Behaviour: Creating a window; Unauthorized injection to a recently created process; Connection attempt to an infection source
Threat name: Win32.Trojan.Midie
Status: Malicious
First seen: 2019-12-26 04:33:24 UTC
AV detection: 22 of 31 (70.97%)
Threat level: 5/5
Result
Malware family: n/a
Score: 6/10
Tags: n/a
Behaviour: JavaScript code in executable
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.
