MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 aed75c1f9c237f679c5ec6eade0403bdab8b4d94d9a51d154a0368dc7cf80fce. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 6

Intelligence 6 IOCs YARA File information Comments

SHA256 hash:	aed75c1f9c237f679c5ec6eade0403bdab8b4d94d9a51d154a0368dc7cf80fce
SHA3-384 hash:	42f432f46af4e4ef73ba516fc1402c17f96943bb8b99c321e3691ade51ba8f760bc1929bb1f05e522881083c488feba6
SHA1 hash:	82940aa9e2b257b697e50789117e2d20ddc8280a
MD5 hash:	606ccceadcb12bae910af479f64488ee
humanhash:	nitrogen-mike-mississippi-red
File name:	aed75c1f9c237f679c5ec6eade0403bdab8b4d94d9a51d154a0368dc7cf80fce
Download:	download sample
Signature	n/a
File size:	209'408 bytes
First seen:	2020-10-04 16:21:06 UTC
Last seen:	Never
File type:	exe
MIME type:	application/x-dosexec
imphash	a889e36ed5e3c99761022f42beee43e1
ssdeep	6144:PWOQ3JiBIN9UxhLKymzGbJMVTIIqEYiHMtZ1oSK:PfQsBVxtKXEJMFIIZYig7oSK
TLSH	5E241307B1DE444AE13BEB7A0B1D48199907F817FD4E8A0E935B145CDE627948E84BFC
Reporter	@tildedennis
Tags:	unnamed 5

@tildedennis

unnamed 5 version 4.3.4.3

Intelligence

File Origin

# of uploads :

# of downloads :

111

Origin country :

Mail intelligence

Gathering data

Vendor Threat Intelligence

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/67992/

Result

Verdict:

Malware

Maliciousness:

Behaviour

Launching the default Windows debugger (dwwin.exe)

Sending a UDP request

Result

Threat name:

Unknown

Detection:

malicious

Classification:

n/a

Score:

60 / 100

Link:

https://www.joesandbox.com/analysis/480898

Signature

Antivirus / Scanner detection for submitted sample

Machine Learning detection for sample

Multi AV Scanner detection for submitted file

Behaviour

Behavior Graph:

Download SVG

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/aed75c1f9c237f679c5ec6eade0403bdab8b4d94d9a51d154a0368dc7cf80fce/

Threat name:

Win32.Trojan.Zeus

Status:

Malicious

First seen:

2012-02-05 17:47:00 UTC

AV detection:

37 of 40 (92.50%)

Threat level:

5/5

Verdict:

unknown

Result

Malware family:

n/a

Score:

8/10

Tags:

n/a

Link:

https://tria.ge/reports/201004-w4t2hy2zf6/

Behaviour

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Program crash

Unpacked files

SH256 hash:

a6b4d0a242fe0f44d25b1255b8d99239b2b455edac42cbf22d18e90d25bcea7a

MD5 hash:

1a578ab54f848597bbd308bc528991af

SHA1 hash:

88194faaeedb3f4a10d31ea0481daa75015e2e83

Link:

https://www.unpac.me/results/1a5e1a70-99db-482c-ad35-0480ce1480a6/

SH256 hash:

3759c6207c000d35b63e7ba6c3bca3a1de4d7c27e85b9ac42708d4e085226490

MD5 hash:

b7f7a2e573635794617387e28eddfacc

SHA1 hash:

1e008847ad147703a9498d9f56059f7358133672

Link:

https://www.unpac.me/results/1a5e1a70-99db-482c-ad35-0480ce1480a6/

SH256 hash:

aed75c1f9c237f679c5ec6eade0403bdab8b4d94d9a51d154a0368dc7cf80fce

MD5 hash:

606ccceadcb12bae910af479f64488ee

SHA1 hash:

82940aa9e2b257b697e50789117e2d20ddc8280a

Link:

https://www.unpac.me/results/1a5e1a70-99db-482c-ad35-0480ce1480a6/

AV coverage:

53.49%

AV detections:

23 / 43

Link:

https://www.virustotal.com/gui/file/aed75c1f9c237f679c5ec6eade0403bdab8b4d94d9a51d154a0368dc7cf80fce/detection/f-aed75c1f9c237f679c5ec6eade0403bdab8b4d94d9a51d154a0368dc7cf80fce-1328002143

Threat name:

Zbot

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/aed75c1f9c237f679c5ec6eade0403bdab8b4d94d9a51d154a0368dc7cf80fce

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Link

https://zeusmuseum.com/unnamed 5/

Cape

https://www.capesandbox.com/analysis/67992/

Comments

Login required

You need to login to in order to write a comment. Login with your Twitter account.

No comments found for this malware sample