MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4dfd38dbb39f3ed69c713f601bc52b663a5cd08d37a2ececcbf8d54d8d179f05. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 4dfd38dbb39f3ed69c713f601bc52b663a5cd08d37a2ececcbf8d54d8d179f05
SHA3-384 hash: 3b0476174c483284cdd232533cdf76b65d2a257372e7bce8cacce2fc3f9f65d4297f70d02371d60bc4902d02b5e0974e
SHA1 hash: ed02aef8f1f30f67a4e40acb60af0076061e362e
MD5 hash: b74cf245e3b7ee3efc4e6c987acf092d
humanhash: nebraska-carolina-pennsylvania-papa
File name: kins_2.0.9.9.vir
Signature: ZeuS
File size: 221'696 bytes
First seen: 2020-07-19 19:22:56 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 183b1c2817a73668dbe22a973b72749a
ssdeep: 1536:/sbV7O4JpivB5elpDx9oFq6CEgZLdkX24VEkDomTkb5Y:/kV7rpiTevnowE4g24Vl0Akb+
TLSH: D824026B2CA11E7AC8C91A3635A3046CEF73A711B9D4C816C755C37ECEB6346F80E916
Reporter: @tildedennis
Tags: kins ZeuS


Twitter
@tildedennis
kins version 2.0.9.9

Intelligence


File Origin
# of uploads: 1
# of downloads: 17
Origin country: US
Mail intelligence
No data
Vendor Threat Intelligence
Detection(s):
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name: Win32.Trojan.Zbot
Status: Malicious
First seen: 2011-09-27 16:38:00 UTC
AV detection: 23 of 25 (92.00%)
Threat level: 5/5
Result
Malware family: n/a
Score: 7/10
Tags: evasion
Behaviour
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Modifies system certificate store
Suspicious use of SetThreadContext
Adds Run key to start application
Identifies Wine through registry keys
Loads dropped DLL
Deletes itself
Executes dropped EXE
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments