Analysis
max time kernel: 148s
max time network: 144s
platform: windows7_x64
resource: win7
submitted: 19-07-2020 19:22
Static task: static1

Behavioral task: behavioral1
Sample: zloader_1.15.4.0.vir.exe
Resource: win7 (windows7_x64)
0 signatures
0 seconds

Behavioral task: behavioral2
Sample: zloader_1.15.4.0.vir.exe
Resource: win10v200430 (windows10_x64)
0 signatures
0 seconds
General
Target: zloader_1.15.4.0.vir.exe
Size: 352KB
MD5: a7aeb6dc35eeb3dfae02f9306d6426a1
SHA1: 1f3fba90f7fc853319f8546568c7f9fbe5f1e0ee
SHA256: c7d7e6c6dc477e5fdb2b2a26eed1b53e77d455dbec8df800927a5bae69a2cc10
SHA512: 3a493c066578f433da6bf2076d057f017d64fc3337a26e6dc327cf3592c8b56f36b855f03254ccadd61d98bcc47bcbe4f8e8e41302c28e746686fcf8f64af6e2
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (4 IoCs)
Processes: zloader_1.15.4.0.vir.exe
description | pid | process | target process
PID 1496 wrote to memory of 1636 | 1496 | zloader_1.15.4.0.vir.exe | explorer.exe
PID 1496 wrote to memory of 1636 | 1496 | zloader_1.15.4.0.vir.exe | explorer.exe
PID 1496 wrote to memory of 1636 | 1496 | zloader_1.15.4.0.vir.exe | explorer.exe
PID 1496 wrote to memory of 1636 | 1496 | zloader_1.15.4.0.vir.exe | explorer.exe

Suspicious behavior: MapViewOfSection (2 IoCs)
Processes: zloader_1.15.4.0.vir.exe
pid | process
1496 | zloader_1.15.4.0.vir.exe
1496 | zloader_1.15.4.0.vir.exe