MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


ZeuS


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Add tag Delete this sample Report a False Positive

SHA256 hash: 5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331
SHA3-384 hash: 98e728ae6f3fd83e4685910eec9edd8b9c24271e8847dcba93c7c3366d5d1eb857ac621c9e70e9d20ee9f69c1ba9ea83
SHA1 hash: a6a056dcc3de9c3e1ba1215c6c22aada7afe6ac9
MD5 hash: 99e2d59219540fe0ca1efaa7088d8869
humanhash: fourteen-washington-edward-zebra
File name:zeus 1_1.2.6.1.vir
Download: download sample
Signature ZeuS
Create hunting rule
File size:999'936 bytes
First seen:2020-07-19 19:45:05 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 3f3518df1dcef6a73468e3b0cc8c37d3 (1 x ZeuS)
ssdeep 24576:6G6ZBdMxi1bzaSKdd6mYj2tk0juuOrDZWQlvD7B:6rEi1CSKQWvUWQl3B
TLSH 04252342D3F7C725EA9B56751B92C65F84688C78E04687F38CC4BCC6499E9A83EC0763
Reporter @tildedennis
Tags:ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.2.6.1

Intelligence

File Origin
# of uploads :
1
# of downloads :
1'352
Origin country :
FR FR
Mail intelligence
No data
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/28360/
Detection(s):
Win.Trojan.Zbot-5808
Create hunting rule

Result
Verdict:
Malware
Maliciousness:

Behaviour
Sending a custom TCP request
Creating a file in the Windows subdirectories
Enabling the 'hidden' option for recently created files
Unauthorized injection to a system process
Enabling autorun
Result
Threat name:
Unknown
Detection:
malicious
Classification:
n/a
Score:
60 / 100
Link:
https://www.joesandbox.com/analysis/390571
Behaviour
Behavior Graph:
Download SVG
Detection:
n/a
Create hunting rule
Link:
https://mwdb.cert.pl/sample/5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331/
Threat name:
Win32.Packed.Zbot
Create hunting rule
Status:
Malicious
First seen:
2012-08-28 09:03:00 UTC
AV detection:
19 of 25 (76.00%)
Threat level:
  2/5
Detection(s):
Malicious file
Link:
https://www.spamhaus.org/query/hash/kaqpet2jvsmp2gg2rebwmwmmbi6lqrc5tswvzstutq2ywqbk6myq._file
Verdict:
unknown
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/200719-51g14xhgdn/
AV coverage:
81.16%
AV detections:
56 / 69
Link:
https://www.virustotal.com/gui/file/5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331/detection/f-5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331-1582110870
Threat name:
Unknown
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Link
https://zeusmuseum.com/zeus 1/
Cape
Cape
https://www.capesandbox.com/analysis/28360/

Comments