MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ae68aa53a27732eb0803f205fee19d3ca3e8bce7c0ac03d3fb30ab89a46626de. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


ZeuS


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: ae68aa53a27732eb0803f205fee19d3ca3e8bce7c0ac03d3fb30ab89a46626de
SHA3-384 hash: c7d939d7f7d2d69108e7342bfb6a4e0ea3c7814ead31ca0d09fa8e06645e4d8461bbe5e52a45c6b8da9896e2ed0ec2d0
SHA1 hash: 752fbb7202fde75f4210710db567bbd337f80d93
MD5 hash: a4fad2f8844d008eea0519128c5145e4
humanhash: diet-fanta-paris-stairway
File name:zeus 2_2.0.3.1.vir
Download: download sample
Signature ZeuS
Create hunting rule
File size:152'631 bytes
First seen:2020-07-19 19:24:11 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash bc62af62848ca0710b328001c42b810a (1 x ZeuS)
ssdeep 3072:9OkUaShptExZsIy3ZwinMji/vanf63+Pas62RS2xfx:kJptEvsIyJluPas7S2b
Threatray 40 similar samples on MalwareBazaar
TLSH 06E3F1463058D148C5A8D431DC8CC8FE1A29BC16DEA97AEB35C43B1F7D36ED6D26881D
Reporter tildedennis
Tags:ZeuS zeus 2


Avatar
tildedennis
zeus 2 version 2.0.3.1

Intelligence

File Origin
# of uploads :
1
# of downloads :
126
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/28152/
Detection(s):
Win.Trojan.Zbot-9637
Create hunting rule

Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Result
Threat name:
Unknown
Detection:
malicious
Classification:
evad
Score:
76 / 100
Link:
https://www.joesandbox.com/analysis/390173
Behaviour
Behavior Graph:
Download SVG
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/ae68aa53a27732eb0803f205fee19d3ca3e8bce7c0ac03d3fb30ab89a46626de/
Threat name:
Win32.Trojan.Zbot
Create hunting rule
Status:
Malicious
First seen:
2011-07-24 08:10:00 UTC
AV detection:
23 of 25 (92.00%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=vzukuu5co4zowcad6ic75ym5hsr6rphhycwahu73gcvytjdge3pa._file
Verdict:
unknown
Similar samples:
01aa2cf8db4badde36f1896d341e31c0fe91a51772f1aa50b9f59ba368973993
ZeuS
2a46e0846fb5b909da9df065c96a2c482075dac2d57bc5bc02d70954e9c7e7da
ZeuS
3758d7565ac1b7a53aaf748872acaff5d93531907d5da6d401446d06a121efd7
ZeuS
82621455e0c9ed9c46f6947beeaf2c5a6962a035eea50b337fad6368b5a6485b
ZeuS
937df0534b995f7141aba04fcf38d7d2bfee307797a0e627047264a142d4f750
ZeuS
9b5b44ded4ede28d92834c4db286780a5628d02597a739ff3633f808d47f0939
ZeuS
9d8dfe823511ffc0ad4556618f8a1b99fd533a06f0323788c7d093efd9446099
ZeuS
acb0ce9651be7099082733999b4f29df902a494d9679c4a6352cac88ec5d0887
ZeuS
b99e2897de9619797de119549af26eea284174a127d0757df613c1157faba6ce
ZeuS
bdcc7aa652bc9e11d479f3637444a623bdc3f013a8009f1b2c98f0b096c0a7ad
ZeuS
+ 30 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/200719-whxssm2fe6/
Behaviour
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Program crash
Suspicious use of SetThreadContext
Adds Run key to start application
Loads dropped DLL
Deletes itself
Executes dropped EXE
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Unknown
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/ae68aa53a27732eb0803f205fee19d3ca3e8bce7c0ac03d3fb30ab89a46626de

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Link
https://zeusmuseum.com/zeus 2/
Cape
Cape
https://www.capesandbox.com/analysis/28152/

Comments