MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0784858faba61fdacdad3f9dce2a0803147be628aab9eeb2c8de0663010cd263. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



ZeuS


Vendor detections: 8



SHA256 hash: 0784858faba61fdacdad3f9dce2a0803147be628aab9eeb2c8de0663010cd263
SHA3-384 hash: c6680964c55560b4f3a175a0ba7cbcf588c9ac0755e87ac9f69a774d5fff9c01e2afc344f8d8a43ba44f81b3e35533e9
SHA1 hash: b075fccf8edca14e8045f18fbdc9909a40f3f2a7
MD5 hash: 1d1b1602c073e6c145c16536d37db0df
humanhash: failed-crazy-video-south
File name: zeus 1_1.2.1.4.vir
Signature: ZeuS
File size: 490'496 bytes
First seen: 2020-07-19 19:29:02 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 1c09d553803b5a265ec7f8cbb6867303 (1 x ZeuS)
ssdeep: 6144:nHb2VUE6SIJquDuC0Ck9h8peX0HURnRbQ5hPBhGqne/3SJssJ6Ijsz2Z1o5tX:n7bEqruC0CkPnH4hPOqIasZS1oLX
Threatray: 118 similar samples on MalwareBazaar
TLSH: D0A42387B254C1FAE13D3EFA7C26DB82EE2842F84D92DF9770647B89940814B7264C5D
Reporter: @tildedennis
Tags: ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.2.1.4

Intelligence


File Origin
# of uploads: 1
# of downloads: 239
Origin country: FR
Mail intelligence: No data
Vendor Threat Intelligence
Result
Verdict: Malware
Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name: Win32.Spyware.Zbot
Status: Malicious
First seen: 2011-07-10 22:29:00 UTC
AV detection: 27 of 28 (96.43%)
Threat level: 2/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Program crash

File information


The table below shows additional information about this malware sample such as delivery method and external references.
