MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e3932ab83bc05de2e91d321c4d479ff1aa3d10fdbd91e1687c80cc0ec88270e8. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: e3932ab83bc05de2e91d321c4d479ff1aa3d10fdbd91e1687c80cc0ec88270e8
SHA3-384 hash: 05b62c6b96802707554492b07873dcfa8d9f86aa1a2b17a2041fec200375e7a12976e7bfa47c4d15b612bc50c70c723f
SHA1 hash: 157ec7421e1333b714d01a750b6d5d6517a92c45
MD5 hash: e3564138588cba04c873bd054458f8b9
humanhash: oranges-sad-three-vermont
File name: zloader 2_1.0.17.0.vir
Signature: ZLoader
File size: 113'664 bytes
First seen: 2020-07-19 19:31:34 UTC
Last seen: Never
File type: DLL dll
MIME type: application/x-dosexec
imphash: 592c8c97e3aea7f416681fd475fbb664
ssdeep: 1536:3ui/9Xb791Wff4K84oeRnobxxm2ShclQaLMin8F5vAC+WEQbAmTjTpeyv0+gPzff:H/J7jWHT/oegcaQF5XEgHbpeyvfgT
TLSH: 7EB318414459C170E850007919CEF77E8C1EC62EBF26EAABCBD1C5949FD86B5B07E22D
Reporter: @tildedennis
Tags: ZLoader zloader 2


Twitter
@tildedennis
zloader 2 version 1.0.17.0

Intelligence


File Origin
# of uploads: 1
# of downloads: 17
Origin country: FR

Mail intelligence
No data

Vendor Threat Intelligence

Result
Verdict: Malware
Maliciousness:
Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source

Result
Threat name: ZLoader
Detection: malicious
Classification: troj
Score: 72 / 100
Behaviour
Behavior Graph:

Threat name: Win32.Trojan.Zbot
Status: Malicious
First seen: 2020-02-16 20:33:09 UTC
AV detection: 21 of 31 (67.74%)
Threat level: 2/5

Result
Malware family: zloader
Score: 10/10
Tags: family:zloader
Behaviour
Zloader family
Malware Config
Extraction:

Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments