MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 dd11381223ab1902db2963df4cbe3299e42064a5857545560f913647c1f70c5a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 3 File information Yara Comments

SHA256 hash: dd11381223ab1902db2963df4cbe3299e42064a5857545560f913647c1f70c5a
SHA3-384 hash: 3a393d85d74bf76ffc4b9862846ce999c03e6fb585c8417602a67932b29e11019ddca2ae1589334c88c8d6b62269d47e
SHA1 hash: eb6f12759da7aa84077143e3e2694b6fda3d5631
MD5 hash: 133b1861b3590bf00308509227f82872
humanhash: lake-blossom-undress-mobile
File name:1_sample3_0218C084.bin
Download: download sample
Signature n/a
File size:191'488 bytes
First seen:2020-04-25 20:53:07 UTC
Last seen:2020-04-25 21:45:24 UTC
File type:DLL dll
MIME type:application/x-dosexec
imphash fb137f28693ffcbb13d636260b46a068
ssdeep 3072:O8mB2nsJqJ5HPF0ld+Y07jvOdhw1qw7Q6xqazzEuE5FHX4paSq0Dx1CP9MOoMuoQ:OnidJ5t0l/+vOU7Q6xNzTE5FINRx1CPQ
TLSH 8B1417056865C170FC42017168DEF73E4C2DC12E3B22ABABCB91C994AFD86B5747E61E
Reporter @viql
Tags:ZLoader


Twitter
@viql
Manually unpacked sample of fa9b3dfdb4b97dfe0db5991472f89399

Intelligence


File Origin
# of uploads :
2
# of downloads :
36
Origin country :
CH CH
Mail intelligence
No data
Vendor Threat Intelligence
Gathering data
Threat name:
Win32.Trojan.Zbot
Status:
Malicious
First seen:
2020-04-25 21:35:28 UTC
AV detection:
25 of 31 (80.65%)
Threat level
  5/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

DLL dll dd11381223ab1902db2963df4cbe3299e42064a5857545560f913647c1f70c5a

(this sample)

Comments