General
Target: zeusvm_test002.exe
Size: 1.4MB
Sample: 210713-v3nnvrwwva
MD5: 05dfc8f126418c77521ff45f607257af
SHA1: a784ca3c97a83532cf2a2d497365fa8e7fe353cf
SHA256: 1aab662435a6a2aeadf54ab5c31dbc6560dd4c9332769ed968e3ccf77ae8da68
SHA512: 1b2d930388c86edc62d7a3614779ed9e04ad1ed0382619f70e470cc1b9faf3a7248c17d6675620c1ba5a9d802d41b533db65435abfda6a567a9b5745fa9288e6
Static task: static1
Behavioral task: behavioral1
Sample: zeusvm_test002.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: zeusvm_test002.exe
Resource: win10v20210410
Malware Config
Targets
Target
zeusvm_test002.exe
Luminosity
Luminosity is a RAT family that was sold while claiming to be a system administration utility.

Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext