MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6acaee10404d0683e19ba29cea5234766cbd37253c44ade9cc1ca557c3995f3a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 6acaee10404d0683e19ba29cea5234766cbd37253c44ade9cc1ca557c3995f3a
SHA3-384 hash: 1acd1a86d66c0cbb75d33fb26abed355719ce7e68ac8c952f6b03be7a179d4dfacc149d5f7b26ffeb4e493ad5ee4dc0f
SHA1 hash: b7faabe7c9fcdbe55e73c527144631af12f6ed39
MD5 hash: 9b42742c386c89eb86d2b204fa0f78c5
humanhash: summer-sad-zulu-butter
File name: zeus 1_1.4.2.1.vir
Signature: ZeuS
File size: 1'350'048 bytes
First seen: 2020-07-19 17:31:07 UTC
Last seen: 2020-07-19 19:19:13 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: f5d5cbd4a793493658c0385c6926130f
ssdeep: 24576:xFvhLoD0pn2Mk01XLuKA4K1PQDNIGnktDPB7qu3YDxlodNZLzv7u:xNhLoApn2MkIbuKXK18xktNqUYgZ7u
TLSH: C455337471CB7616EAA2503BA14A441FBA3C243A4A0817DB10F4CD95A9F60E975CFF2F
Reporter: @tildedennis
Tags: ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.4.2.1

Intelligence


File Origin
# of uploads: 2
# of downloads: 20
Origin country: FR
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict: Malware
Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Result
Threat name: Unknown
Detection: malicious
Classification: phis.evad
Score: 100 / 100
Behaviour
[Figure: Behavior Graph]
Threat name: Win32.Trojan.Kryptik
Status: Malicious
First seen: 2013-06-21 19:52:00 UTC
AV detection: 29 of 31 (93.55%)
Threat level: 2/5
Result
Malware family: n/a
Score: 8/10
Tags: upx
Behaviour
UPX packed file
Threat name: Unknown
Score: 1.00

Yara Signatures


Rule name: win_zeus_auto
Author: Felix Bilstein - yara-signator at cocacoding dot com
Description: autogenerated rule brought to you by yara-signator

File information


The table below shows additional information about this malware sample such as delivery method and external references.
