MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c6035dfd95b359f00bc421c50365c58f55ffee88ff1f4223cad9d8fd4f9879a7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: c6035dfd95b359f00bc421c50365c58f55ffee88ff1f4223cad9d8fd4f9879a7
SHA3-384 hash: 2c12403f16dbcf186c8f52d95714657f84845c50956e28ca0d5d577a3e08cd2d068910e897e89ed75bbd841eb91af117
SHA1 hash: 55f274ff87a8bfb6eebaaa3e7403239aa21d3a78
MD5 hash: 3bda20fb53a01ce52525f46e44d98328
humanhash: vegan-april-fourteen-enemy
File name: zloader_1.17.3.0.vir
Signature: ZLoader
File size: 198'656 bytes
First seen: 2020-07-19 17:33:58 UTC
Last seen: 2020-07-19 19:20:07 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: a9d672f5498c8b4f389268368ff1e40d
ssdeep: 3072:T5lFVdwxb+OBIXIYHe1sY6TEppeoqLi2nHbbXizql4mBfrVBSoO/WRGxqQo5Lr4K:OxbZmHqskp6BHbbXiz25BfrV6oSZN358
TLSH: 6B14BE4363A81CB6F2EF4775049E884399A4BDB28BF0D1499FC428DF1C5A6D94A38F53
Reporter: @tildedennis
Tags: ZLoader


Twitter
@tildedennis
zloader version 1.17.3.0

Intelligence


File Origin
# of uploads: 2
# of downloads: 22
Origin country: US
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name:
Win32.Trojan.Injector
Status:
Malicious
First seen:
2017-05-19 02:01:00 UTC
AV detection:
26 of 31 (83.87%)
Threat level
  5/5
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious behavior: MapViewOfSection
Suspicious behavior: EnumeratesProcesses
Threat name:
Unknown
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments