Analysis
max time kernel: 130s
max time network: 145s
platform: windows7_x64
resource: win7
submitted: 19-07-2020 17:24
Static task
static1
Behavioral task
behavioral1
Sample
zloader_1.4.1.0.vir.exe
Resource
win7
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
zloader_1.4.1.0.vir.exe
Resource
win10v200430
windows10_x64
0 signatures
0 seconds
General
Target: zloader_1.4.1.0.vir.exe
Size: 122KB
MD5: 4fe348a6793b42a223caac836a16f7ca
SHA1: 812a2f06977e0d7e59c7e32ce811eab7d3eff9f0
SHA256: 4e6fa76a7436db34f333229ff4fb355a60a98038702b828c31b38bf70a325a62
SHA512: a308aa997d58b51c1fd9c70bbb4d40e1ea6439185de8758ca5373feb5196bcb5f3fe063e10eda27ec461320065c08fd7e876d0543529b1a15005c56c91ae0203
Score
1/10
Malware Config
Signatures
Suspicious behavior: MapViewOfSection (2 IoCs)
Processes: zloader_1.4.1.0.vir.exe
pid   process
1612  zloader_1.4.1.0.vir.exe
1612  zloader_1.4.1.0.vir.exe

Suspicious use of WriteProcessMemory (4 IoCs)
Processes: zloader_1.4.1.0.vir.exe
description                      pid   process                  target process
PID 1612 wrote to memory of 364  1612  zloader_1.4.1.0.vir.exe  explorer.exe
PID 1612 wrote to memory of 364  1612  zloader_1.4.1.0.vir.exe  explorer.exe
PID 1612 wrote to memory of 364  1612  zloader_1.4.1.0.vir.exe  explorer.exe
PID 1612 wrote to memory of 364  1612  zloader_1.4.1.0.vir.exe  explorer.exe