{073e3f7c-d387-4d95-bd9c-2f1bfb8f3e2b}

The file {073e3f7c-d387-4d95-bd9c-2f1bfb8f3e2b} has been detected as malware by 38 anti-virus scanners. According to the detections, it is a variant of Zbot (Zeus), a trojan that attempts to steal confidential information (online credentials and banking details) from a compromised computer and send it to online criminals via a command-and-control server.
MD5:
09b90af4913854f761e461fd8d3e5a06

SHA-1:
5f10b4a0c8f7adaa584db7a12882f6a3ece7b026

SHA-256:
3ee57ce3e84fdd7f561e028de3ec9dec0982e9a7b89fd4f8f92fea3727628ec6

Scanner detections:
38 / 68

Status:
Malware

Analysis date:
4/26/2024 8:24:44 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Spy.ZBot.FGD | 856 |
| Agnitum Outpost | TrojanSpy.Zbot | 7.1.1 |
| AhnLab V3 Security | Spyware/Win32.Zbot | 2014.09.19 |
| Avira AntiVirus | TR/Spy.A.6512 | 7.11.173.30 |
| avast! | Win32:Zbot-NRC [Trj] | 2014.9-141002 |
| AVG | Zbot | 2015.0.3334 |
| Baidu Antivirus | Trojan.Win32.Zbot | 4.0.3.14102 |
| Bitdefender | Trojan.Spy.ZBot.FGD | 1.0.20.1375 |
| Clam AntiVirus | Trojan.Spy.Zbot-142 | 0.98/21411 |
| Comodo Security | TrojWare.Win32.Zbot.NEWA | 19547 |
| Dr.Web | Trojan.PWS.Panda.2401 | 9.0.1.0275 |
| Emsisoft Anti-Malware | Trojan.Spy.ZBot.FGD | 8.14.10.02.03 |
| ESET NOD32 | Win32/Spy.Zbot.AAO | 8.10439 |
| Fortinet FortiGate | W32/Zbot.AT!tr | 10/2/2014 |
| F-Prot | W32/Zbot.BR.gen | v6.4.7.1.166 |
| F-Secure | Trojan.Spy.ZBot.FGD | 11.2014-02-10_5 |
| G Data | Trojan.Spy.ZBot.FGD | 14.10.24 |
| IKARUS anti.virus | Trojan-Spy.Win32.Zbot | t3scan.1.7.8.0 |
| K7 AntiVirus | Backdoor | 13.183.13417 |
| Kaspersky | Trojan-Spy.Win32.Zbot | 14.0.0.3164 |
| Malwarebytes | Trojan.Zbot | v2014.10.02.03 |
| McAfee | PWS-Zbot.gen.vo | 5600.6990 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Recslurp.B | 1.11005 |
| MicroWorld eScan | Trojan.Spy.ZBot.FGD | 15.0.0.825 |
| NANO AntiVirus | Trojan.Win32.Panda.bqoxse | 0.28.2.62151 |
| Norman | ZBot.VAL | 11.20141002 |
| nProtect | Trojan/W32.Agent.226304.II | 14.09.18.01 |
| Panda Antivirus | Generic Malware | 14.10.02.03 |
| Qihoo 360 Security | Malware.QVM20.Gen | 1.0.0.1015 |
| Quick Heal | TrojanPWS.Zbot.Gen | 10.14.14.00 |
| Rising Antivirus | PE:Stealer.Zbot!1.648A | 23.00.65.14930 |
| Sophos | Mal/Zbot-HX | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-MalPE | 10325 |
| Total Defense | Win32/Zbot.BdERMZC | 37.0.11187 |
| Trend Micro House Call | TSPY_ZBOT.SMQF | 7.2.275 |
| Trend Micro | TSPY_ZBOT.SMQF | 10.465.02 |
| Vba32 AntiVirus | SScope.Trojan.FakeAV.01110 | 3.12.26.3 |
| VIPRE Antivirus | Trojan-PWS.Win32.Zbot.aac | 33236 |

File size:
221 KB (226,304 bytes)

File PE Metadata
Compilation timestamp:
11/9/2012 1:14:23 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:w0i0DhtSlqqDLPyOz2fODvcDjoG1oPKajg3GqVmnO76kz:w0i0DhtBqnH20cDjoGyPKaE3Dd7Xz

Entry address:
0x2B055

Entry point:
E9, 0A, EF, FE, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
Packer / compiler:
Xtreme-Protector v1.05

Code size:
208 KB (212,992 bytes)
