Posts

Showing posts from January, 2019

Analysis Zbot Banking Trojan

This sample belongs to the Zbot malware family. It is a banking Trojan that steals user credentials by injecting a malicious DLL into browsers. The samples have anti-VM and anti-debugging techniques embedded. It drops EXE files and creates a registry entry for persistence. It has more features, which are covered in detail in the report below.

Identification

File Name: sample_1.exe
File Size: 51,204 bytes
File Type: PE-EXE
MD5: 5523530941c409b349ef40fa9415247e
SHA1: df7e46e629d2f9f1444298dc9c1350d0ec726817
SHA256: 5564bed78d23ad0ad198a0dbbf4196f5fdcc1eb8529673941736db18c3257e0b
SSDEEP: 1536:kmm/KVQyVwfneeoXtc4awZ/SlcXQ/0WA1hB:kmhOTfneeoFa4/Slcg/0VB

Characteristics

a. The sample is packed with a customized UPX packer.
b. It has anti-VM and anti-debugging techniques.
c. ...