MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence File information Yara Comments

SHA256 hash:	5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331
SHA3-384 hash:	98e728ae6f3fd83e4685910eec9edd8b9c24271e8847dcba93c7c3366d5d1eb857ac621c9e70e9d20ee9f69c1ba9ea83
SHA1 hash:	a6a056dcc3de9c3e1ba1215c6c22aada7afe6ac9
MD5 hash:	99e2d59219540fe0ca1efaa7088d8869
humanhash:	fourteen-washington-edward-zebra
File name:	zeus 1_1.2.6.1.vir
Download:	download sample
Signature	ZeuS
File size:	999'936 bytes
First seen:	2020-07-19 19:45:05 UTC
Last seen:	Never
File type:	exe
MIME type:	application/x-dosexec
imphash	3f3518df1dcef6a73468e3b0cc8c37d3
ssdeep	24576:6G6ZBdMxi1bzaSKdd6mYj2tk0juuOrDZWQlvD7B:6rEi1CSKQWvUWQl3B
TLSH	04252342D3F7C725EA9B56751B92C65F84688C78E04687F38CC4BCC6499E9A83EC0763
Reporter	@tildedennis
Tags:	ZeuS zeus 1

@tildedennis

zeus 1 version 1.2.6.1

Intelligence

File Origin

# of uploads :

1

# of downloads :

32

Origin country :

FR

Mail intelligence

No data

Vendor Threat Intelligence

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/28360/

Detection(s):

Win.Trojan.Zbot-5808

Result

Verdict:

Malware

Maliciousness:

Behaviour

Sending a custom TCP request

Creating a file in the Windows subdirectories

Enabling the 'hidden' option for recently created files

Unauthorized injection to a system process

Enabling autorun

Result

Threat name:

Unknown

Detection:

malicious

Classification:

n/a

Score:

60 / 100

Link:

https://www.joesandbox.com/analysis/390571

Behaviour

Behavior Graph:

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331/

Threat name:

Win32.Packed.Zbot

Status:

Malicious

First seen:

2012-08-28 09:03:00 UTC

AV detection:

19 of 25 (76.00%)

Threat level

2/5

Detection(s):

Malicious file

Link:

https://www.spamhaus.org/query/hash/kaqpet2jvsmp2gg2rebwmwmmbi6lqrc5tswvzstutq2ywqbk6myq._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/200719-51g14xhgdn/

AV coverage:

81.16%

AV detections:

56 / 69

Link:

https://www.virustotal.com/gui/file/5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331/detection/f-5020f24f49ac98fd18da890366598c0a3cb8445d9cad5cca749c358b402af331-1582110870

Threat name:

Unknown

Score:

1.00

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Link

https://zeusmuseum.com/zeus 1/

Cape

Cape

https://www.capesandbox.com/analysis/28360/

Comments

Login required

You need to login to in order to write a comment. Login with your Twitter account.

No comments found for this malware sample