MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a3acf9fe9ff9fe3ddd9f458a45e6eace5542f758ff7b6fa25552a88cea85304b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information Yara Comments

SHA256 hash: a3acf9fe9ff9fe3ddd9f458a45e6eace5542f758ff7b6fa25552a88cea85304b
SHA3-384 hash: 381cc7e10c5ae83862a430be9ee6b3116ad37827b3fbb8c61162af397d41336615bb54f7cf35894c14ba24c9706c1519
SHA1 hash: 8df4881b430a2343247d8eb23bb37a887b064ab7
MD5 hash: 2c8ace0fb05232688a4105ebd59cc7ef
humanhash: pasta-artist-washington-earth
File name:unnamed 2_2.0.8.15.vir
Download: download sample
Signature n/a
File size:138'176 bytes
First seen:2020-07-19 16:47:46 UTC
Last seen:2020-07-19 19:11:23 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 5c320b21e2b70fb79462eabbcf3e16d7
ssdeep 3072:m6VBg06zxjUdO2zhD9GchahK4vvhpVhlIAwiS85w5rbWJn8P848iUBn:hCz1D2zhDYlrvJwAnWbWJno847e
TLSH FAD312E79C9ADA93FF6ADEFA034B9658163C3BE936B885C9171D23C790701E1144A307
Reporter @tildedennis
Tags:unnamed 2


Twitter
@tildedennis
unnamed 2 version 2.0.8.15

Intelligence


File Origin
# of uploads :
3
# of downloads :
20
Origin country :
FR FR
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name:
Win32.Spyware.Zbot
Status:
Malicious
First seen:
2012-12-26 01:37:00 UTC
AV detection:
28 of 31 (90.32%)
Threat level
  2/5
Result
Malware family:
n/a
Score:
  8/10
Tags:
upx
Behaviour
UPX packed file
Threat name:
Unknown
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments