MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 42bb5eae534eb2cea979c300b797a65febf291b28aea0b9d8bbea7d0a41bffa2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 42bb5eae534eb2cea979c300b797a65febf291b28aea0b9d8bbea7d0a41bffa2
SHA3-384 hash: 895851cdef95086ca2309042172ce263cb83ba23864fe561026bd6ae0745bc93467b7d3d1b08a1ee7127a5a70cf92637
SHA1 hash: 88a5fcebfd7a037a9ca9573772ac2334a61b25de
MD5 hash: a004bc8b4f3db1ef5a66579b9746b5b1
humanhash: item-skylark-social-nuts
File name: A004BC8B4F3DB1EF5A66579B9746B5B1.bin
Signature: ZLoader
File size: 434'176 bytes
First seen: 2020-06-22 07:22:01 UTC
Last seen: 2020-07-19 19:26:31 UTC
File type: DLL
MIME type: application/x-dosexec
imphash: 991df9a4e85f5c69b2489b1877be1c8a
ssdeep: 6144:kQ0fpRug1NzpAhY2Zgi1ny2YT2oqCesyc+V6pDDW3FdREH5gH+xWz1:kQ0Rsg58Yti9y2voysiVmO3BlH+W
TLSH: 4B94E010FB02E03EE20FE53D5869C6B5C16E7D592A74188376EB8F873B23111DE75A26
Reporter: @JAMESWT_MHT

Intelligence


File Origin
# of uploads: 2
# of downloads: 29
Origin country: IT
Mail intelligence
No data
Vendor Threat Intelligence
Threat name: Win32.Trojan.ZLoader
Status: Malicious
First seen: 2020-06-19 01:48:44 UTC
AV detection: 24 of 31 (77.42%)
Threat level: 5/5
Result
Malware family: zloader
Score: 10/10
Tags: trojan botnet family:zloader
Behaviour
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious use of SetThreadContext
Blacklisted process makes network request
Zloader, Terdot, DELoader, ZeusSphinx

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments