MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information Yara Comments

SHA256 hash: 5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331
SHA3-384 hash: 98e728ae6f3fd83e4685910eec9edd8b9c24271e8847dcba93c7c3366d5d1eb857ac621c9e70e9d20ee9f69c1ba9ea83
SHA1 hash: a6a056dcc3de9c3e1ba1215c6c22aada7afe6ac9
MD5 hash: 99e2d59219540fe0ca1efaa7088d8869
humanhash: fourteen-washington-edward-zebra
File name:zeus 1_1.2.6.1.vir
Download: download sample
Signature ZeuS
File size:999'936 bytes
First seen:2020-07-19 19:45:05 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 3f3518df1dcef6a73468e3b0cc8c37d3
ssdeep 24576:6G6ZBdMxi1bzaSKdd6mYj2tk0juuOrDZWQlvD7B:6rEi1CSKQWvUWQl3B
TLSH 04252342D3F7C725EA9B56751B92C65F84688C78E04687F38CC4BCC6499E9A83EC0763
Reporter @tildedennis
Tags:ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.2.6.1

Intelligence


File Origin
# of uploads :
1
# of downloads :
32
Origin country :
FR FR
Mail intelligence
No data
Vendor Threat Intelligence
Detection(s):
Result
Verdict:
Malware
Maliciousness:

Behaviour
Sending a custom TCP request
Creating a file in the Windows subdirectories
Enabling the 'hidden' option for recently created files
Unauthorized injection to a system process
Enabling autorun
Threat name:
Win32.Packed.Zbot
Status:
Malicious
First seen:
2012-08-28 09:03:00 UTC
AV detection:
19 of 25 (76.00%)
Threat level
  2/5
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Threat name:
Unknown
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments