MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 37259fff5937e8c92679a70cff7fc4b81043451ce705c982398865b17c7fd2a5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



ZeuS


Vendor detections: 8



SHA256 hash: 37259fff5937e8c92679a70cff7fc4b81043451ce705c982398865b17c7fd2a5
SHA3-384 hash: 0fcec0c9b8d56788e80b6f43ae35571768b0f934bc1247f23bf16c822910fcb909e9f544d2c1431abc487a4a137a15ae
SHA1 hash: ee5d02be081bdd4838404a6efb36e18425824665
MD5 hash: 840641f9291b990b4b70295ef9c93ff9
humanhash: eleven-arizona-oklahoma-bakerloo
File name: uncategorized_1.7.2.1.vir
Signature: ZeuS
File size: 150'016 bytes
First seen: 2020-07-19 19:34:56 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 771cfbaddfa6d625295b48c47e956a48 (1 x ZeuS)
ssdeep: 3072:ARzqEQmJSeQnvr1+88+0zGt8z3+gFxCkC79S5z:AbQODQBT8+oGt8zOgFxCkp5
Threatray: 126 similar samples on MalwareBazaar
TLSH: 49E3E133A31E8D16F52289FF02D957CC4B7A4BC20C69939737E3459D68C5284B39DAAC
Reporter: tildedennis
Tags: uncategorized ZeuS


tildedennis
uncategorized version 1.7.2.1

Intelligence


File Origin
# of uploads: 1
# of downloads: 397
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name: Win32.Trojan.Zbot
Status: Malicious
First seen: 2011-11-03 17:25:00 UTC
AV detection: 24 of 25 (96.00%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Suspicious use of WriteProcessMemory
NTFS ADS
Suspicious use of SetWindowsHookEx
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Runs net.exe
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of SetThreadContext
Adds Run key to start application
Loads dropped DLL
Deletes itself
Executes dropped EXE
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
