MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 fa455fbe41daf5cad4c91c593ceb24a178a956bc57dbc23d8da4420233e28824. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: fa455fbe41daf5cad4c91c593ceb24a178a956bc57dbc23d8da4420233e28824
SHA3-384 hash: 877beb819c4496beca55a9aed61ba25ab07084c5d36f82472a0a25c6dfe4d8d348c82912cd865f1edf1f93d66b283ecf
SHA1 hash: ff900897793414bf7b5a79f7780f63edc4d01c9c
MD5 hash: 227f68fac3992ae31b4a1ebc456a163b
humanhash: wyoming-artist-fix-berlin
File name: tasks_186.vir
Signature: n/a
File size: 221'420 bytes
First seen: 2020-07-19 19:43:28 UTC
Last seen: 2020-07-19 20:46:11 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: 8da75f2c621a9df467528573f9c8f769
ssdeep: 6144:0HvQVaYzjoAUqlpOkxgiO0RHwvWFwtcPqvoVHEfJJjUQ+:oQs0jo0pO4JH+tcucHEfvoQ+
TLSH: BF241212F4468114C017477601E93F3369BF6DB0232D94CB268498B5E67A3F39DADABB
Reporter: @tildedennis
Tags: tasks


Twitter
@tildedennis
tasks version 186

Intelligence


File Origin
# of uploads: 2
# of downloads: 31
Origin country: FR
Mail intelligence: No data
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Sending a custom TCP request
Unauthorized injection to a recently created process
Connection attempt to an infection source
Result
Threat name: Unknown
Detection: malicious
Classification: n/a
Score: 60 / 100
Behaviour
Behavior Graph:
Threat name: Win32.Trojan.Zbot
Status: Malicious
First seen: 2013-05-07 09:42:00 UTC
AV detection: 21 of 25 (84.00%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Modifies Internet Explorer settings
Drops file in Windows directory
Drops file in System32 directory
Checks whether UAC is enabled
Adds Run key to start application
Deletes itself
Loads dropped DLL
Executes dropped EXE
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.
