MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9c01cf666c922c17867f4d2a85d090376c6f82e2c77b16de330d116f147fca59. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 7 File information Yara Comments

SHA256 hash: 9c01cf666c922c17867f4d2a85d090376c6f82e2c77b16de330d116f147fca59
SHA3-384 hash: b9d39aafeb6a572c123c11e9ef648ca88562a6d7a194c2257bead9ce9199bc3019252d1de6354223ffd0587dbc131536
SHA1 hash: 6c21660acf1c1af1eae98aececa607bed5305fe0
MD5 hash: 0797dda9930e3b0a7345984d4fbb9509
humanhash: washington-juliet-blossom-red
File name:zeus 1_1.2.3.1.vir
Download: download sample
Signature ZeuS
File size:544'768 bytes
First seen:2020-07-19 19:40:45 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 7317869d03af58d1e61247d66faab71d
ssdeep 12288:uox9UcsJqj3cW1bpWgSM9n+dPRZXO05us4:V9UfJQf1bIgfWpZX/cs4
TLSH 2DC423CABC5458C4E500287851D2A0BBA6030D3B67574F8EE3B553E98DC3D3BC5BE95A
Reporter @tildedennis
Tags:ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.2.3.1

Intelligence


File Origin
# of uploads :
1
# of downloads :
22
Origin country :
FR FR
Mail intelligence
No data
Vendor Threat Intelligence
Detection(s):
Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name:
Win32.Spyware.Zbot
Status:
Malicious
First seen:
2012-09-05 17:18:00 UTC
AV detection:
31 of 31 (100.00%)
Threat level
  2/5
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Program crash
Threat name:
Unknown
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments