MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8d5a770975e52ce1048534372207336f6cc657b43887daa49994e63e8d7f6ce1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 8d5a770975e52ce1048534372207336f6cc657b43887daa49994e63e8d7f6ce1
SHA3-384 hash: 9fb4b000910cc234a987bd4377bf59eed4e0c0210ba1a8341a5f8df0970b4a85dc14f89f3c408870937d717bc5ce2254
SHA1 hash: dc0b678e9ad7cadd5de907bf80fa351d5d3347cc
MD5 hash: 306212efebc6ac92000687393e56a5cb
humanhash: white-xray-mexico-oxygen
File name: JtVhjtbGMAbrWft.dll
Signature: n/a
File size: 877'056 bytes
First seen: 2020-04-07 06:59:21 UTC
Last seen: 2020-04-25 21:10:03 UTC
File type: DLL dll
MIME type: application/x-dosexec
imphash: 6ed1362d2f62c2a62f8ce939441162da
ssdeep: 6144:wNh2LRR/Q+rZfc/vsKlioIExDGQGDTiSssbtC4h:iERRzrGnsK4MGQgTiSssJVh
TLSH: 511518279D8F85B2C3766B3F0903359216273C9A25F3A596362EFAE46C70F214D46F12
Reporter: @Racco42
Tags: dll ZLoader

Intelligence


File Origin
# of uploads: 3
# of downloads: 37
Origin country: US US
Mail intelligence
No data
Vendor Threat Intelligence
Threat name: Win32.Trojan.Zload
Status: Malicious
First seen: 2020-04-07 07:36:43 UTC
AV detection: 26 of 31 (83.87%)
Threat level: 5/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

DLL dll 8d5a770975e52ce1048534372207336f6cc657b43887daa49994e63e8d7f6ce1 (this sample)
Delivery method: Other