MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7a0eadac8671732b6d1d6de37fa37cbf0cab61af3b9720bce64734bd4ac4f19e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information Yara Comments

SHA256 hash: 7a0eadac8671732b6d1d6de37fa37cbf0cab61af3b9720bce64734bd4ac4f19e
SHA3-384 hash: e0d48f7fa8eb590f8c7492f181cc2ea3485e68572f2cd83e0fc84f28a755847f0ce0eeefc92fe39578f51ac46b521f7f
SHA1 hash: 0ce7cb4fe4d2219947ffc6f3b3b85bb4adfbc95e
MD5 hash: 5a45eed010e1bf8b28185432898dbc4e
humanhash: ten-triple-happy-sixteen
File name:zeus 1_1.3.3.3.vir
Download: download sample
Signature ZeuS
File size:119'296 bytes
First seen:2020-07-19 19:29:06 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash d898bfe3521e6378ca064d2d4d61ccda
ssdeep 3072:SPA6J70f4+Q8+dJJdsFbbCTQ1RSY8e1LoNw2cLVSwnUB:20fk8+kGTQ1RSHe1LoVShU
TLSH 03C312C8736E694EC7C6C33860D789DA476D2DCED8152B9E2E82842DFD84DCB565A2C0
Reporter @tildedennis
Tags:ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.3.3.3

Intelligence


File Origin
# of uploads :
1
# of downloads :
19
Origin country :
FR FR
Mail intelligence
No data
Vendor Threat Intelligence
Gathering data
Detection(s):
Result
Verdict:
Malware
Maliciousness:
Threat name:
Win32.Trojan.Zbot
Status:
Malicious
First seen:
2011-06-03 03:56:00 UTC
AV detection:
25 of 29 (86.21%)
Threat level
  5/5
Result
Malware family:
n/a
Score:
  10/10
Tags:
persistence
Behaviour
Suspicious behavior: EnumeratesProcesses
Drops file in System32 directory
Modifies WinLogon for persistence
Threat name:
Unknown
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments