MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f4e66813b40d4afceab66f9a176e7098016cd7bf38e49ec886c5c09b7b3716de. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: f4e66813b40d4afceab66f9a176e7098016cd7bf38e49ec886c5c09b7b3716de
SHA3-384 hash: 759549e4dac966a917ca61f10c2fc30bdceb3cc227ded05d78d20a6846380e72f6e67b2985bfd37cd094dfed6fa73587
SHA1 hash: a9873c847b39bb5f623f964f39eb885583a489bb
MD5 hash: d00127c1b1876fec58669c2f7be41b55
humanhash: iowa-east-mobile-nineteen
File name: zeus 1_1.2.7.14.vir
Signature: ZeuS
File size: 81'408 bytes
First seen: 2020-07-19 19:30:28 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: b36c2c7e6eca1eafc043a9a8b506b694
ssdeep: 1536:bsyFkYGgCy+aZnhXNzNjPC3sg2v5KOsVsvFrX9/jT7sOjKuUlfC/QeUfalfC/Qe8:bsQkYYylJh5Njql2xAsvFrpLsOjOhDU7
TLSH: A783E1BE3D682CC6C89DD73E6775E91AD784C2928517F9231DD8EC8E59DC99300A8BC0
Reporter: @tildedennis
Tags: ZeuS zeus 1


Twitter
@tildedennis
zeus 1 version 1.2.7.14

Intelligence


File Origin
# of uploads: 1
# of downloads: 22
Origin country: FR
Mail intelligence
No data
Vendor Threat Intelligence
Detection(s):
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name: Win32.Trojan.Zbot
Status: Malicious
First seen: 2011-06-15 04:22:00 UTC
AV detection: 24 of 25 (96.00%)
Threat level: 5/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Program crash
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments