MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8dcf148a8c237e56338bf58160abff133b6bceb8e14323b10f41818159ac98d4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 8dcf148a8c237e56338bf58160abff133b6bceb8e14323b10f41818159ac98d4
SHA3-384 hash: 7e4b066bd662597b6b71ce6e4d6fe7fdb53bb4538c027304db436d3392322fd5e48278944eb3fcb0da39c548729de2d8
SHA1 hash: 114bc02e49bfd38e25a6c2e59a3528fcdabe1606
MD5 hash: 4ad4ee2b7652ad0bd2cea94c97674d0b
humanhash: hawaii-venus-black-winter
File name: zeus 1_1.2.7.13.vir
Signature: ZeuS
File size: 456'192 bytes
First seen: 2020-07-19 19:36:53 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 972c6e60a8839119f8253057b4a2fcee
ssdeep: 12288:5lNYR3tQx1JXQA4LPhtWCG+XACg3o5HiSu:5/sdQx1JXS1tWUwN
TLSH: 06A4021F936A48B1D3F1E97D5E807EE8019B10239CD3F0BB880EB71778A55A9449B74E
Reporter: @tildedennis
Tags: ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.2.7.13

Intelligence


File Origin
# of uploads: 1
# of downloads: 23
Origin country: FR
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Result
Threat name: Unknown
Detection: malicious
Classification: n/a
Score: 60 / 100
Behaviour
Behavior Graph:
Threat name: Win32.Packed.Zbot
Status: Malicious
First seen: 2014-10-16 15:39:00 UTC
AV detection: 29 of 31 (93.55%)
Threat level: 2/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Program crash
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.
