MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0ffba4bb2b66cfb49b830939afb3da083be681c78eafd0c34f895f106980f30e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information Yara Comments

SHA256 hash: 0ffba4bb2b66cfb49b830939afb3da083be681c78eafd0c34f895f106980f30e
SHA3-384 hash: 2a8c65a70e23ecb4bc1c4e535c5ad940bcecbee13615e78f23ab794c85faf1b0e6510131bb1b7b0b6fd8a28d43dfafb7
SHA1 hash: 092b9e6bfcae8cb2549534d4e0321b5b5430defe
MD5 hash: 5e10accac490fc88993ecffa4a078506
humanhash: texas-undress-oven-nitrogen
File name:zeus 1_1.2.7.0.vir
Download: download sample
Signature ZeuS
File size:144'896 bytes
First seen:2020-07-19 19:28:17 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 21f3cfa44efea023d027d54421354b87
ssdeep 3072:URogL0KDB+vjblBwz0BBjXuDUJ/UXfFXw2lj+p:0pIKd63wQrj+YKXfFXx6
TLSH F6E3127EF0C3B9BAEC5F297A0432B5A6CBB1B7519E5694641F90178ECADC0C61C09F42
Reporter @tildedennis
Tags:ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.2.7.0

Intelligence


File Origin
# of uploads :
1
# of downloads :
19
Origin country :
FR FR
Mail intelligence
No data
Vendor Threat Intelligence
Detection(s):
Result
Verdict:
Malware
Maliciousness:

Behaviour
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name:
Win32.Trojan.Zbot
Status:
Malicious
First seen:
2011-07-14 03:21:00 UTC
AV detection:
25 of 25 (100.00%)
Threat level
  5/5
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Program crash
Threat name:
Unknown
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments