MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 233e70b105e8fe2f1e9a41b68f380359c8666cea3d9d587ec2ec823cdda2a330. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


ZeuS


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 233e70b105e8fe2f1e9a41b68f380359c8666cea3d9d587ec2ec823cdda2a330
SHA3-384 hash: 47ba31f65f15cad3109e741a5d8bf0273de783977ac66e46411a6c9863f9d0f035b3716c8d186f85325b913e81ebe223
SHA1 hash: e4c61be3765aacf5936da0cdb3ec389b2afa8cd4
MD5 hash: bd363cabf9f24d8fbe49bdc1d828421a
humanhash: timing-north-pennsylvania-london
File name:233e70b105e8fe2f1e9a41b68f380359c8666cea3d9d587ec2ec823cdda2a330
Download: download sample
Signature ZeuS
Create hunting rule
File size:242'176 bytes
First seen:2020-06-17 09:28:26 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 6ffe9f0962b84633321feeea3e5bbb1b (1 x ZeuS)
ssdeep 3072:C6CkJ4E8udIcXh4SkABRotctll7Zu03fr70+xYG08atBFbqOyZRm+tn7LVuydm8h:CQVSFABRo4ll713fr70acFbca+thxph9
Threatray 604 similar samples on MalwareBazaar
TLSH 7734BF4FB710C61AC28E35F11FDBCAE4173260822743139BA2965FBA7CA5F31159A58F
Reporter JAMESWT_WT
Tags:ZeuS

Intelligence

File Origin
# of uploads :
1
# of downloads :
134
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/19361/
Detection(s):
Win.Trojan.Buzus-7611751-0
Create hunting rule

Gathering data
Threat name:
Win32.Trojan.Zeus
Create hunting rule
Status:
Malicious
First seen:
2014-08-01 18:18:00 UTC
File Type:
PE (Exe)
Extracted files:
22
AV detection:
41 of 48 (85.42%)
Threat level:
  5/5
Verdict:
malicious
Similar samples:
0a98d7b4d1079a8819a6bd0898de2e00a5598c1e5233aa095bea36a18353b4bb
ZeuS
0d812586b239b0ce1c4f3f9347386c75e70ab098659c019e100160078b821aa5
ZeuS
1f3842bc152088bc10de6e14adabf860902dee318375a6567e0b85a9faaed1f0
ZeuS
24a1e4d82d8a6b9594aa9bc4d26df0f212c6b2cf48964fdd46cdad6c03782a1f
ZeuS
2fa19780fb5e238d3ac3491b18e2c795d0a4cc31d5c03c9b4a727613397c23e5
ZeuS
3ee04e378f6430e85f5756093e80b243c2ebbcb9f2ee77cc32acd1cd9e333301
ZeuS
5c3bde59fa48471670841beba658fc9cfe707fac64b4b7f8446dd51a7706d133
ZeuS
61b0aa94dc56585b7255398cd755e9db6fedd5b06ebca386b2dc5fddc8cf5478
ZeuS
d1c4be3772ebe6d26f06e3e38ae667c3236e1f13658e652eed0aa14dac5f45f0
ZeuS
e4cd3a3bbf851aea2645ff32eeb8fbe177b79bf8149737c52acb413b2ff13eb6
ZeuS
+ 594 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  8/10
Tags:
persistence
Link:
https://tria.ge/reports/200624-he8ppf8k12/
Behaviour
Suspicious behavior: EnumeratesProcesses
Runs net.exe
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetThreadContext
Adds Run entry to start application
Deletes itself
Loads dropped DLL
Executes dropped EXE
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape
Cape
https://www.capesandbox.com/analysis/19361/

Comments