MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e731b927c5495ac3c0255b048dd5c0df742658beaab3051acc077e751cefd024. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: e731b927c5495ac3c0255b048dd5c0df742658beaab3051acc077e751cefd024
SHA3-384 hash: 33faa10ae937356eea2323825973150f1ac83effaae918cee2ceee79881247fca5a172ecb56414ca3165496189286f39
SHA1 hash: bc32d211d743ebf25b1b85aa2b1d064c774d5982
MD5 hash: b39e62bc394874ceaa28fcaa1b236ec8
humanhash: high-yellow-potato-sink
File name: tasks_184.vir
Signature: n/a
File size: 217'822 bytes
First seen: 2020-07-19 19:45:50 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 15190af80fdd1bcadf9f226a8fdbf626
ssdeep: 6144:9ACWa8vE6eMd66krZWUnE0ADbmeG13oX292:9Xz8vneT6krZWzFtG3oX292
TLSH: 8F24127153E0B277F69F23B0A555026E1DA3433007312AA3FBCB5EADD01AE815DA6717
Reporter: @tildedennis
Tags: tasks


Twitter
@tildedennis
tasks version 184

Intelligence


File Origin
# of uploads: 1
# of downloads: 35
Origin country: FR
Mail intelligence
No data
Vendor Threat Intelligence
Detection: Clickfraudbot
Detection(s):
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Result
Threat name: Unknown
Detection: malicious
Classification: n/a
Score: 60 / 100
Behaviour
Threat name: Win32.Trojan.Zbot
Status: Malicious
First seen: 2013-04-20 04:04:00 UTC
AV detection: 23 of 25 (92.00%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Drops file in Windows directory
Drops file in System32 directory
Adds Run key to start application
Checks whether UAC is enabled
Loads dropped DLL
Deletes itself
Executes dropped EXE
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments