MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8b5da3fc469190ecae7156e694ac61fdc4d23aa9f04e55e877c058a1e5e94b11. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information Yara Comments

SHA256 hash: 8b5da3fc469190ecae7156e694ac61fdc4d23aa9f04e55e877c058a1e5e94b11
SHA3-384 hash: 2104f74b45736eaa485ad3d2076fc16ce3678da96d7df3a5b6b2dd82c0455467baabee50ac912b51108efe21fcea2bde
SHA1 hash: fd886adc026712844eb07dfe9f59155a3ea369d4
MD5 hash: 2e0c45213c4d4f40f34e71a592b696a8
humanhash: carpet-snake-massachusetts-blue
File name:zeus 1_1.2.5.1.vir
Download: download sample
Signature ZeuS
File size:209'920 bytes
First seen:2020-07-19 19:30:37 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 5a498eee87e4d89512a84502f500181f
ssdeep 6144:Rga6Qfxl82LzCJbcUusYmQKZaX5bF9mj0wkEDuuca:Rv6oz3CJQUu0Qjr405EDuNa
TLSH 6F241273E736C6C9DF4A0AF7D7BC1422E6A47D15863AD9325080853738F2DBA5DA4E02
Reporter @tildedennis
Tags:ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.2.5.1

Intelligence


File Origin
# of uploads :
1
# of downloads :
19
Origin country :
FR FR
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict:
Malware
Maliciousness:

Behaviour
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name:
Win32.Trojan.Zbot
Status:
Malicious
First seen:
2014-04-08 02:10:00 UTC
AV detection:
30 of 31 (96.77%)
Threat level
  5/5
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Program crash
Threat name:
Unknown
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments