MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b44cd4e38caab3aec3cd634a10f62e36021628ae9a16c0a577ce011fcf22b46f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: b44cd4e38caab3aec3cd634a10f62e36021628ae9a16c0a577ce011fcf22b46f
SHA3-384 hash: a377bef39d92ff8925900e8bc7e31a44739cf3980f683a5bfbdf0550182c5558876b4a684198ea0cc0257618a33f2363
SHA1 hash: 78eb2907d228bcd096dd93b57519ed5cc437daf1
MD5 hash: 5cfcfef64c25701e6c9b02f8d0bd9579
humanhash: white-tango-lithium-monkey
File name: zloader_1.17.1.0.vir
Signature: Chthonic
File size: 169'984 bytes
First seen: 2020-07-19 17:34:34 UTC
Last seen: 2020-07-19 19:20:17 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: 9ab4a913eec58854da429fc36cdda862
ssdeep: 3072:KJ0layb+L3Qxc9gTcCUVOThi/RnZGio5O3itPbirNP2:KJ0CjOc6cVQ27jo5YitiO
TLSH: A8F3E0A01BD01848E9670F7C98224D4ECE99BD528BE6C8108EF4D979613F6D2E53BF53
Reporter: @tildedennis
Tags: Chthonic ZLoader


Twitter
@tildedennis
zloader version 1.17.1.0

Intelligence


File Origin
# of uploads:
2
# of downloads:
23
Origin country:
US
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name:
Win32.Trojan.Zeus
Status:
Malicious
First seen:
2017-04-11 00:43:29 UTC
AV detection:
28 of 29 (96.55%)
Threat level
5/5
Result
Malware family:
n/a
Score:
1/10
Tags:
n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious behavior: MapViewOfSection
Suspicious behavior: EnumeratesProcesses
Threat name:
Unknown
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments