MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7db5dab49e292dc0d82e4ab9d713a6dc9a60b487e192725ff10a174cba39fb52. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 7db5dab49e292dc0d82e4ab9d713a6dc9a60b487e192725ff10a174cba39fb52
SHA3-384 hash: 3ccf71534425b2b5e11390ea3cd145c599b977664ab6a7b243187de6cf5966c04d0f8b97ff00ac6de79dba95b4f9bc59
SHA1 hash: 70db3d0501cdbcfcffa7035a9e464be2ee725394
MD5 hash: 5656d5172b186f1c766724bc6dc3b0e6
humanhash: yankee-robin-nebraska-mike
File name: zeus 2_2.0.7.1.vir
Signature: ZeuS
File size: 147'968 bytes
First seen: 2020-07-19 17:34:58 UTC
Last seen: 2020-07-19 19:20:25 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: 1e761df6a3fc74620c8618cd5391fdf6
ssdeep: 3072:U1/ISdEaN73tjTsKwonBCNcbLSDOlcN7O33rv8DOBoPkz8CKYUql:UW0EaYTcbLSMz37UOKPU3h
TLSH: 95E312A3B3D558AAE4ABC6340DB20543AFDD9B892C7711453229A60EBD721B72330D5F
Reporter: @tildedennis
Tags: ZeuS, zeus 2


Twitter
@tildedennis
zeus 2 version 2.0.7.1

Intelligence


File Origin
# of uploads: 2
# of downloads: 22
Origin country: US
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source

Result
Threat name: ZeusVM
Detection: malicious
Classification: bank.troj
Score: 72 / 100
Behaviour
Behavior Graph:

Threat name: Win32.Trojan.Zbot
Status: Malicious
First seen: 2013-06-18 02:32:00 UTC
AV detection: 24 of 25 (96.00%)
Threat level: 5/5

Result
Malware family: n/a
Score: 8/10
Tags: upx
Behaviour
UPX packed file

Threat name: Unknown
Score: 1.00

Yara Signatures


Rule name: suspicious_packer_section
Author: @j0sm1
Description: The packer/protector section names/keywords
Reference: http://www.hexacorn.com/blog/2012/10/14/random-stats-from-1-2m-samples-pe-section-names/

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments