MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 93e7f4109711d62264dd5c292840556786b308a5014b9ef1691bbbabf4ed9aef. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information Yara Comments

SHA256 hash: 93e7f4109711d62264dd5c292840556786b308a5014b9ef1691bbbabf4ed9aef
SHA3-384 hash: 5daeb74e7478d1991ee33c954b3e0dab09e6ce5fb8fe30cf1328a8288c8985ac97c4f32ebf2d32ed3ba93e575f565521
SHA1 hash: 4699c0e95bc81681f3c2b3f5be5d51419e310bed
MD5 hash: 6f4f820c07e134f8ac6f7ed0d9f8567e
humanhash: twelve-music-rugby-autumn
File name:zeus 1_1.3.1.1.vir
Download: download sample
Signature ZeuS
File size:63'488 bytes
First seen:2020-07-19 19:28:55 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 8cb0baece236522521a60f5a43a73ea4
ssdeep 1536:/pptIZWfjqomDaX/kkPBSzjszCcVF0+ekO+Ay/MeF:/Xt3kOX/9Sz+Cv+ekv/MA
TLSH C6530227B3E44638F07862FD6961CE4AAB41CDE50F42F71128E49C90E7F9A3249D8DE4
Reporter @tildedennis
Tags:ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.3.1.1

Intelligence


File Origin
# of uploads :
1
# of downloads :
21
Origin country :
FR FR
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name:
Win32.Spyware.Zbot
Status:
Malicious
First seen:
2013-10-07 20:01:00 UTC
AV detection:
24 of 25 (96.00%)
Threat level
  2/5
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Program crash
Threat name:
Unknown
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments