gcafe.rar
The file gcafe.rar has been detected as malware by 16 anti-virus scanners. According to the detections, it is a variant of Zbot (Zeus), a trojan that attempts to steal confidential information (online credentials and banking details) from a compromised computer and send it to online criminals via a command-and-control server. The file has been seen being downloaded from s13.tenlua.vn.
MD5: 035a66512d56d1a7625a3270e1da321a
SHA-1: 43455edac7fbf268d44718d65a9a7d96cae1bf91
SHA-256: 36034b3bd359b1788b84e14afc235cdd2c4c82cb43121fb7b1eae90faad3704b
Scanner detections: 16 / 68
Analysis date: 1/15/2025 4:13:41 AM UTC
Scan engine | Detection | Engine version
Avira AntiVirus | TR/Strictor.527745 | 8.3.2.2
avast! | Win32:Malware-gen | 2014.9-151118
Baidu Antivirus | Trojan.Win32.Generic | 4.0.3.151118
Bkav FE | W32.HfsAtITA | 1.3.0.7383
Clam AntiVirus | Win.Trojan.7691876 | 0.98/21065
G Data | Win32.Trojan.Agent.3KBYE4 | 15.11.25
IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.9.5.0
K7 AntiVirus | Trojan | 13.211.17602
Malwarebytes | Trojan.Spy.Zbot.AI | v2015.11.18.01
McAfee | Trojan.Artemis!865DE73E46F7 | 18.0.204.0
NANO AntiVirus | Trojan.Script.AutoIt.dcckyk | 0.30.26.3947
Panda Antivirus | Trj/CI.A | 15.11.18.01
Qihoo 360 Security | HEUR/QVM11.1.Malware.Gen | 1.0.0.1015
Trend Micro | TROJ_GE.B01FE51A | 10.465.18
VIPRE Antivirus | Trojan.Win32.Generic | 44710
File size: 1.6 MB (1,649,382 bytes)
Common path: C:\users\{user}\downloads\gcafe.rar
The file gcafe.rar has been seen being distributed by the following URL.