MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5003a820820a43883c42918e8ca0ad6605417ed61b2645b35c068b396c44ecc9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 5003a820820a43883c42918e8ca0ad6605417ed61b2645b35c068b396c44ecc9
SHA3-384 hash: b3831dfa50d922400a082165ffda003c92baa1ba91fd10f262f52f320b46aad8a69633cb35368e7b58960096a2edb9ca
SHA1 hash: 2b5ab2e303a786988597ad7cad99375da2c06c5b
MD5 hash: af024f124fedfaf1a1ecf2aaf93ca9c7
humanhash: neptune-massachusetts-coffee-uncle
File name: zloader_1.5.5.0.vir
Signature: ZLoader
File size: 131'072 bytes
First seen: 2020-07-19 17:19:59 UTC
Last seen: 2020-07-19 19:15:06 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: 06f20939dcdc10d19d41a5cc592e5143
ssdeep: 1536:5OTZnXHgWYAmdC/ixsxb7zlkN+EvzD4383eudom/d53jI7iGM+h4SjMlpG:UTZ3gtQawZkN+k4Lmf3jQMZSjMlp
TLSH: EBD3C0807CD2CC33E565017E049DD712932ABD682A7478E33BD92AEF5E732D2952F246
Reporter: @tildedennis
Tags: ZLoader


Twitter
@tildedennis
zloader version 1.5.5.0

Intelligence


File Origin
# of uploads: 2
# of downloads: 21
Origin country: US
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict: Malware

Behaviour
Creating a window
Searching for the window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name: Win32.Trojan.Inject
Status: Malicious
First seen: 2016-06-20 07:19:00 UTC
AV detection: 21 of 29 (72.41%)
Threat level: 2/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Suspicious behavior: MapViewOfSection
Suspicious use of WriteProcessMemory
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.
