MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0784858faba61fdacdad3f9dce2a0803147be628aab9eeb2c8de0663010cd263. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 7 File information Yara Comments

SHA256 hash: 0784858faba61fdacdad3f9dce2a0803147be628aab9eeb2c8de0663010cd263
SHA3-384 hash: c6680964c55560b4f3a175a0ba7cbcf588c9ac0755e87ac9f69a774d5fff9c01e2afc344f8d8a43ba44f81b3e35533e9
SHA1 hash: b075fccf8edca14e8045f18fbdc9909a40f3f2a7
MD5 hash: 1d1b1602c073e6c145c16536d37db0df
humanhash: failed-crazy-video-south
File name:zeus 1_1.2.1.4.vir
Download: download sample
Signature ZeuS
File size:490'496 bytes
First seen:2020-07-19 19:29:02 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 1c09d553803b5a265ec7f8cbb6867303
ssdeep 6144:nHb2VUE6SIJquDuC0Ck9h8peX0HURnRbQ5hPBhGqne/3SJssJ6Ijsz2Z1o5tX:n7bEqruC0CkPnH4hPOqIasZS1oLX
TLSH D0A42387B254C1FAE13D3EFA7C26DB82EE2842F84D92DF9770647B89940814B7264C5D
Reporter @tildedennis
Tags:ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.2.1.4

Intelligence


File Origin
# of uploads :
1
# of downloads :
23
Origin country :
FR FR
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name:
Win32.Spyware.Zbot
Status:
Malicious
First seen:
2011-07-10 22:29:00 UTC
AV detection:
27 of 28 (96.43%)
Threat level
  2/5
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Behaviour
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Program crash
Threat name:
Unknown
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments