MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 85c484e63143a822a269e0a5225d4e55f71db303647427ce3fc89cefaad9261a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 85c484e63143a822a269e0a5225d4e55f71db303647427ce3fc89cefaad9261a
SHA3-384 hash: 6972d421e892dae17fe77833232262808296f7d1e35b43f687cdcfe08410d3d20802452d6dca6df1a4323183a4f4e69e
SHA1 hash: 611abe30ecb7b86f1666c4b598457193c31aab74
MD5 hash: 7d7f3e50879eaf40abc74c9d76791308
humanhash: tennessee-vegan-oklahoma-snake
File name: gameover_0.0.0.27.vir
Signature: ZeuS
File size: 329'192 bytes
First seen: 2020-07-19 17:16:47 UTC
Last seen: 2020-07-19 19:14:01 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: 55904a9d93ef1744035f5cb61bd03e3a
ssdeep: 6144:iwTTuog4DQC6ziRo0sYXkEDm5TsCQIaNEN4xxgB/ixuqFsE6aJZS:nHpF6K1dHUIIaNniB/nq+nam
TLSH: 3E64E07BF87419DBDF3AEAF86961C73B069450E10256606BD686C3CE6032A83077325F
Reporter: @tildedennis
Tags: gameover ZeuS


Twitter
@tildedennis
gameover version 0.0.0.27

Intelligence


File Origin
# of uploads: 2
# of downloads: 19
Origin country: US
Mail intelligence
No data
Vendor Threat Intelligence
Detection(s):
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name: Win32.Spyware.Zbot
Status: Malicious
First seen: 2012-02-06 21:00:00 UTC
AV detection: 25 of 25 (100.00%)
Threat level: 2/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Modifies Internet Explorer settings
Suspicious use of UnmapMainImage
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious use of SetThreadContext
Adds Run key to start application
Loads dropped DLL
Deletes itself
Executes dropped EXE
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments