MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 54699b6f92a568d3a2b5590d2b5d821345b413d1d44fe1ac34ebb9557b746a14. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 54699b6f92a568d3a2b5590d2b5d821345b413d1d44fe1ac34ebb9557b746a14
SHA3-384 hash: d880da069b1b851873352377e54d77ca6516db9204df5d43454e7f4ab0bbb3e685473bae6ba37810e3810188e01a2630
SHA1 hash: 51d7d59aaf634f1c1375c228fcc529a8a1879821
MD5 hash: 6299f55a6dc658d6de6ffb04bd964562
humanhash: finch-one-uncle-fanta
File name: zeus 1_1.2.3.0.vir
Signature: ZeuS
File size: 387'584 bytes
First seen: 2020-07-19 19:35:40 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: df4841646d1204d671fc7d09435bfc5f
ssdeep: 6144:kZlriqZ00J8r0BbV7CBiSCsHnkZD3KbYICaJsXAviAPahAu+HMVTVIMIoP/:qlj/J8r07kikGI4AviAPbxMpVGy
TLSH: 9984238460767C03FB11DE7C1AE7CE75A5B28873F287991B2BAFA127973070238D9910
Reporter: @tildedennis
Tags: ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.2.3.0

Intelligence


File Origin
# of uploads: 1
# of downloads: 24
Origin country: FR
Mail intelligence
No data
Vendor Threat Intelligence
Detection(s):

Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source

Result
Threat name: Unknown
Detection: malicious
Classification: n/a
Score: 60 / 100
Behaviour
Behavior Graph:

Threat name: Win32.Trojan.Zbot
Status: Malicious
First seen: 2011-07-23 08:30:00 UTC
AV detection: 24 of 25 (96.00%)
Threat level: 5/5

Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Suspicious use of UnmapMainImage
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Program crash

Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments