MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 1d20f089698311891fac0a5cc2f3ecbfc1ce8e38d5e75a8a55b822324e8b1d35. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 1d20f089698311891fac0a5cc2f3ecbfc1ce8e38d5e75a8a55b822324e8b1d35
SHA3-384 hash: 019adfee0d1cb54a105dbd1e00bd2f71ad603138e1f9e40d25c9d63edb3d6e473bf542855bb87c7936980412ca71809c
SHA1 hash: d6c23371f6784f20b8f7052d6b69add87db0ecfb
MD5 hash: e477358e4fa411d0d426767a02d5a787
humanhash: early-may-hawaii-bacon
File name: zloader_1.15.5.0.vir
Signature: ZLoader
File size: 159'744 bytes
First seen: 2020-07-19 16:48:08 UTC
Last seen: 2020-07-19 19:11:47 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: d09e457352a1b3d0da31c267b72df0c2
ssdeep: 3072:sCyIvHXXUk5Y0G431ZyoSuAvPAnUa+O5635c2DiqYAoAOHM93LtLJ:NyIvHXXUk+U1ZQuOAng5cyipJMHF
TLSH: 0DF3C0BBA4C3CC75C4B536F7BBAD408AAF3F125291111C1D7BA061B1267E291DE4DA32
Reporter: @tildedennis
Tags: ZLoader


Twitter
@tildedennis
zloader version 1.15.5.0

Intelligence


File Origin
# of uploads: 3
# of downloads: 20
Origin country: US
Mail intelligence: No data
Vendor Threat Intelligence
Result
Verdict: Malware
Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name: Win32.Trojan.Cerber
Status: Malicious
First seen: 2017-02-09 01:03:00 UTC
AV detection: 30 of 31 (96.77%)
Threat level: 2/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious behavior: MapViewOfSection
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments