MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a947c216ea52ce23457b3babb1e1eb6275cabe2150d3995553e4de4b8c3d97f4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 4 File information Yara Comments

SHA256 hash: a947c216ea52ce23457b3babb1e1eb6275cabe2150d3995553e4de4b8c3d97f4
SHA3-384 hash: d4a7a7dd3c1887bb0ce7f1f2d131bcdecc3db8a0e4a70ba9d5ad64780a83594f19abbae95d6a6a5efcfcccf93e5a9227
SHA1 hash: f3a25627f925390097a64a84ef34c952fe8af036
MD5 hash: afdf2fbc0756ed304d1a33083a5f2b0f
humanhash: kansas-lemon-kansas-virginia
File name:antiamsi.bin
Download: download sample
Signature ZLoader
File size:330'752 bytes
First seen:2020-04-21 17:56:22 UTC
Last seen:2020-04-21 19:55:43 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash d01c1de5b3809b46e3c55481ecafaf4f
ssdeep 6144:vG9T0nIO6C3XwbT5QOIJSeEY7EkvBeC1G:HIO6TTeO8Sw7Ekv8C
TLSH 2C64AF12A6B1B432F2B349355A71A6A6493B7C625F30D18B1FA0EE5F3E353D1C632712
Reporter @abuse_ch
Tags:exe ZLoader

Intelligence


File Origin
# of uploads :
2
# of downloads :
43
Origin country :
CH CH
Mail intelligence
No data
Vendor Threat Intelligence
Gathering data
Threat name:
Win32.Trojan.Glupteba
Status:
Malicious
First seen:
2020-04-21 18:13:42 UTC
AV detection:
27 of 31 (87.10%)
Threat level
  5/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

ZLoader

Executable exe a947c216ea52ce23457b3babb1e1eb6275cabe2150d3995553e4de4b8c3d97f4

(this sample)

Comments