MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7a791902583a1b559ffc90bb0be67c9eacd05b780f39336e94c815babb746b2e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information Yara Comments

SHA256 hash: 7a791902583a1b559ffc90bb0be67c9eacd05b780f39336e94c815babb746b2e
SHA3-384 hash: 54e909b0c62b58a4d69bd7d0581d281a4f57cb834107706cdc34287b251c60e8e3a3fc2a6234a079dfe2cbc362912a20
SHA1 hash: 1743a691736e46cd5b1a136501b2c443bc62adaf
MD5 hash: 6cdd1e3eb01664e31d739648a3e359d2
humanhash: don-five-don-lima
File name:zeus 1_1.2.9.0.vir
Download: download sample
Signature ZeuS
File size:109'056 bytes
First seen:2020-07-19 19:24:07 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 67da0a54361d620c240bca8591ae2c5b
ssdeep 1536:usJCqaZwLQS5jcIzxEdMbpYcAExgnxRviJSSCe0PHM4gy2afmqL5jVLJrF/I4rYe:yJZwLSggRvYRCLPsDaTrvhUXm/
TLSH DFB30296A27325D4E0D11C30978D13432EADDF7A1AF9D7B346DA9A273E8208D9D243F4
Reporter @tildedennis
Tags:ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.2.9.0

Intelligence


File Origin
# of uploads :
1
# of downloads :
17
Origin country :
US US
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a file in the Windows subdirectories
Enabling the 'hidden' option for recently created files
Unauthorized injection to a system process
Enabling autorun
Threat name:
Win32.Trojan.Zbot
Status:
Malicious
First seen:
2013-04-01 01:19:00 UTC
AV detection:
26 of 31 (83.87%)
Threat level
  2/5
Result
Malware family:
n/a
Score:
  10/10
Tags:
persistence
Behaviour
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Program crash
Drops file in System32 directory
Modifies WinLogon for persistence
Threat name:
Unknown
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments