× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b605c9a797aae6975ad783c4d0b7709dfd4facb33816299d47369e362a09854e
File name: ZeuS_binary_122d32cf91a5f6a545496e0c7c64355f.exe.gz
Detection ratio: 46 / 57
Analysis date: 2019-02-05 16:36:42 UTC ( 3 months, 2 weeks ago )
Antivirus Result Update
AegisLab Trojan.Win32.Zbot.l!c 20190205
AhnLab-V3 Trojan/Win32.Zbot.R4880 20190205
ALYac Trojan.Spy.Zbot.FJB 20190205
Antiy-AVL Trojan[Spy]/Win32.Zbot.capz 20190205
Arcabit Trojan.Spy.Zbot.FJB 20190205
Avast Sf:Crypt-BT [Trj] 20190205
AVG Sf:Crypt-BT [Trj] 20190205
Avira (no cloud) TR/SPY.A.8473 20190205
Baidu Win32.Trojan.Zbot.a 20190202
BitDefender Trojan.Spy.Zbot.FJB 20190205
Bkav W32.CleanspyC.Trojan 20190201
CAT-QuickHeal Trojan.Zbot.AJ3 20190205
ClamAV Win.Spyware.Zbot-1275 20190205
CMC Trojan-Spy.Win32.Zbot!O 20190205
Comodo TrojWare.Win32.Kazy.MKD@4qchol 20190205
Cyren W32/Zbot.BR.gen!Eldorado 20190205
DrWeb Trojan.PWS.Panda.4795 20190205
Emsisoft Trojan.Spy.Zbot.FJB (B) 20190205
ESET-NOD32 Win32/Spy.Zbot.YW 20190205
F-Prot W32/Zbot.BR.gen!Eldorado 20190205
F-Secure Trojan-Spy:W32/Zbot.AVTH 20190205
Fortinet W32/Zbot.AT!tr 20190205
GData Win32.Trojan-Spy.Zbot.DB 20190205
Ikarus Trojan-Spy.Win32.Zbot 20190205
Sophos ML heuristic 20181128
Jiangmin TrojanSpy.Zbot.ayai 20190205
K7AntiVirus Riskware ( 0015e4f11 ) 20190205
Kaspersky Trojan-Spy.Win32.Zbot.biwp 20190205
MAX malware (ai score=87) 20190205
McAfee PWS-Zbot.gen.ds 20190205
McAfee-GW-Edition BehavesLike.PWSZbot.mc 20190205
Microsoft PWS:Win32/Zbot!CI 20190205
eScan Trojan.Spy.Zbot.FJB 20190205
NANO-Antivirus Trojan.Win32.Zbot.rhehs 20190205
Panda Trj/WLT.A 20190205
Qihoo-360 Win32/Trojan.Spy.d40 20190205
Rising Stealer.Zbot!1.648A (CLOUD) 20190205
Sophos AV Troj/PWS-BSF 20190205
Symantec SecurityRisk.gen1 20190205
Tencent Trojan.Win32.Zbot.aaw 20190205
TrendMicro TSPY_ZBOT.SMIG 20190205
TrendMicro-HouseCall TSPY_ZBOT.SMIG 20190205
VBA32 SScope.Trojan.FakeAV.01110 20190205
Yandex TrojanSpy.Zbot!DBnrKwzehug 20190204
ZoneAlarm by Check Point Trojan-Spy.Win32.Zbot.biwp 20190205
Zoner Trojan.Win32.23556 20190205
Acronis 20190130
Ad-Aware 20190205
Alibaba 20180921
Avast-Mobile 20190205
Babable 20180918
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20190205
eGambit 20190205
Endgame 20181108
Kingsoft 20190205
Malwarebytes 20190205
Palo Alto Networks (Known Signatures) 20190205
SentinelOne (Static ML) 20190203
SUPERAntiSpyware 20190130
TACHYON 20190205
TheHacker 20190203
Trapmine 20190123
Trustlook 20190205
VIPRE 20190205
ViRobot 20190205
Webroot 20190205
Zillya 20190204
The file being studied is a compressed stream! More specifically, it is a GZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Decompressed file content
Compression metadata
Contained files
1
Uncompressed size
141824
Highest datetime
Lowest datetime
ExifTool file metadata
MIMEType
application/x-gzip

ExtraFlags
(none)

ModifyDate
2015:03:23 19:52:34+01:00

Compression
Deflated

FileType
GZIP

Flags
FileName

FileTypeExtension
gz

ArchivedFileName
ZeuS_binary_122d32cf91a5f6a545496e0c7c64355f.exe

OperatingSystem
Unix

Compressed bundles
File identification
MD5 0163dd057fb91d74c71d22c6bd67841f
SHA1 00ed2b624e3c651e2a82fd94c3eafef5c6fb3bcc
SHA256 b605c9a797aae6975ad783c4d0b7709dfd4facb33816299d47369e362a09854e
ssdeep
1536:8do9Dl1CYIeJkOlqnfOJzraSUNe0n463wYPf3RWmVXI7FHNNQ9CxgX09LrUtELda:CCl1CYk0Y2JnUNb463wMcmVI7FtoYguQ

File size 88.6 KB ( 90762 bytes )
File type GZIP
Magic literal
gzip compressed data, was "ZeuS_binary_122d32cf91a5f6a5454", from Unix, last modified: Mon Mar 23 19:52:34 2015

TrID GZipped data (100.0%)
Tags
gzip contains-pe

VirusTotal metadata
First submission 2015-03-31 00:19:13 UTC ( 4 years, 1 month ago )
Last submission 2015-03-31 00:19:13 UTC ( 4 years, 1 month ago )
File names ZeuS_binary_122d32cf91a5f6a545496e0c7c64355f.exe.gz
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!