MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0b37d287d10b55a50f1a717a015503b64d3be3586f15a12a0085d61794864235. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 0b37d287d10b55a50f1a717a015503b64d3be3586f15a12a0085d61794864235
SHA3-384 hash: 2b3a58bb1a85cecb7a15c208d6102938454b51dea19f6e1749943fc65281dfd6130efa87f9e44b779a178025eb77f2b0
SHA1 hash: c8fb26a5a4776ceb5572c5139d9057a8040f68b8
MD5 hash: 2cddc5e9482b049387c96b609ada8fea
humanhash: fifteen-zulu-eighteen-carolina
File name: zloader_1.17.0.0.vir
Signature: ZLoader
File size: 266'240 bytes
First seen: 2020-07-19 16:34:56 UTC
Last seen: 2020-07-19 19:09:40 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: 0929aec5d58f2fb36225bca3920f81f9
ssdeep: 3072:sdhM4Q+hmghguGQGcCfpZqPmeOlhF8ZXNO5XVcjEZip:sdhu/fpAPNOhFSXN
TLSH: 67443BBC3F0CFA35D95396F8E4171EB6130A4E5F912404ABE2A97F5EBA34605F112782
Reporter: @tildedennis
Tags: ZLoader


Twitter
@tildedennis
zloader version 1.17.0.0

Intelligence


File Origin
# of uploads: 4
# of downloads: 21
Origin country: US
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Result
Threat name: Unknown
Detection: malicious
Classification: evad
Score: 68 / 100
Behaviour
Threat name: Win32.Trojan.Hpgen
Status: Malicious
First seen: 2017-04-14 00:55:36 UTC
AV detection: 26 of 31 (83.87%)
Threat level: 5/5
Result
Malware family: n/a
Score: 5/10
Tags: n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious behavior: MapViewOfSection
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Program crash
Suspicious use of SetThreadContext
Suspicious use of SetThreadContext
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments