Page 13 of 29

Re: Trojan Zeus (alias ZBot)

PostPosted:Tue Aug 14, 2012 12:28 pm
by Evilcry
SHA256: 9f5d3033392671e5b545461fb90370ff2f40d2378b8029a0022aa95c187b656d
SHA1: e325aec4539dd69b727db5c21febf5932e47a808
MD5: f4a01eb1739624041556980d0c80b82b

https://www.virustotal.com/file/9f5d303 ... 344946212/

Detection ratio: 3 / 42

Provenience: Compromised Web Server

Target Countries (Banks, etc.): Japan, Germany, Italy, Poland, other various .com (probably UK and USA)

Re: Trojan Zeus (alias ZBot)

PostPosted:Sat Aug 25, 2012 7:24 am
by Evilcry
SHA256: f24273a466d8543357959feca85441fd3c621ee170439a3a6aebcf1d9830df07
SHA1: cae319a34dc0659ec948e662399ecd44c3e40396
MD5: 4e198dcc2a1a74b5c23ea16095a0a68d

Detection: 5 / 42

https://www.virustotal.com/file/f24273a ... 345877208/

Targets: Germany, Italy, Poland, UK, USA

Re: Trojan Zeus (alias ZBot)

PostPosted:Sun Aug 26, 2012 8:21 am
by Evilcry
Following sample is an updated version of the one mentioned in the previous post.

SHA256: b7bbb0d1e03b1b8dd8d8c62317e52910a610b429c82e9a0afef84a1fd19e0e22
SHA1: 7b0d57a745b23376035f1b9b90af41cd495fdb77
MD5: 220b9661371e1728e366b4e00d41580d

Detection: 0/40

https://www.virustotal.com/file/b7bbb0d ... 345968230/

Targets: Unchanged

The domain containing the executable is reported below:

http://www.phishtank.com/phish_detail.p ... id=1539409

Re: Trojan Zeus (alias ZBot)

PostPosted:Mon Aug 27, 2012 4:05 pm
by Aleksandra
MD5: 0d6eb87ce2267ad4e079d3710562960f
SHA1: 7298bccc75876ad088d1843aaf62fb7f1e410784
1/42

Re: Trojan Zeus (alias ZBot)

PostPosted:Thu Aug 30, 2012 12:30 pm
by markusg
4x zbot from infected pc

Re: Trojan Zeus (alias ZBot)

PostPosted:Mon Sep 17, 2012 4:58 am
by nullptr
Zbot
SHA1: 0fcd206f18af66a14456ad5dc3fa2d5657e9e81c
MD5: c22d41c077787f2010abbc2b32a66e74

VT - 3/42 https://www.virustotal.com/file/10840ed ... 347857430/
original + unpacked attached

Re: Trojan Zeus (alias ZBot)

PostPosted:Wed Sep 19, 2012 12:22 pm
by Waves97
MD5: e06c6eaab528697406577eada8c6702e
https://www.virustotal.com/file/b59df8f ... 348056754/

Re: Malware Requests, part 2

PostPosted:Wed Sep 26, 2012 1:36 pm
by guelfoweb
A new Zbot variant with antidebug. It not work on virtual machine.

VirusTotal: http://goo.gl/tlKS0
Anubis: http://goo.gl/j3X4f

Re: Trojan Zeus (alias ZBot)

PostPosted:Sun Sep 30, 2012 5:59 am
by EP_X0FF
Symantec: New ZeuS botnet no longer needs central command servers
https://www.networkworld.com/news/2012/ ... 56462.html

Re: Trojan Zeus (alias ZBot)

PostPosted:Tue Oct 02, 2012 7:16 am
by Blaze