MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8afa8c9fc4f0d3c24dfc03477fb93c5df5e1c75b3926e5127a3d4aca6fa43a83. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 8afa8c9fc4f0d3c24dfc03477fb93c5df5e1c75b3926e5127a3d4aca6fa43a83
SHA3-384 hash: eb2bbeeb1943d0f33af519b7af2c7a3ea8177c1e3c740eb4b9ecebd78435921182de03213b11eb4e2df55ebd07006bc7
SHA1 hash: 45131fff959d36d51c5ba07b369ffa9a2db32499
MD5 hash: 88adb0b457ea881c4b09ee65a8ee72f6
humanhash: fish-gee-hydrogen-quebec
File name: zloader 2_1.0.14.0.vir
Signature: ZLoader
File size: 133'632 bytes
First seen: 2020-07-19 19:45:25 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 318f9d9b26038fd22f8e887bf75745de
ssdeep: 3072:+355Ep20RR86V+MONNSfOi98h28BnyZpEp1G/S1Okf:+35Op20CvSmHh28BnyC1GK1x
TLSH: 0CD308165838C534EA10017879AD77BF8D65822C3B179BAF9760C0C46FEC5A07EAF16E
Reporter: @tildedennis
Tags: ZLoader zloader 2


Twitter
@tildedennis
zloader 2 version 1.0.14.0

Intelligence


File Origin
# of uploads: 1
# of downloads: 31
Origin country: FR
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name: Win32.Trojan.Zbot
Status: Malicious
First seen: 2020-01-29 13:20:01 UTC
AV detection: 26 of 31 (83.87%)
Threat level: 2/5
Result
Malware family: zloader
Score: 10/10
Tags: family:zloader
Behaviour
Zloader family
Malware Config
Extraction:
https://thoughtlibrary.top/library/topikpost.php
https://islacangrejo.fun/library/topikpost.php
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments