Zeip[.]rar | Triage

Submit
Reports

Overview

overview

Static

static

1

Zeip.rar

windows7-x64

3

Zeip.rar

windows10-2004-x64

3

Zeip.dll

windows7-x64

Zeip.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Zeip.rar

Resource

win7-20230220-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Zeip.rar

Resource

win10v2004-20230221-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

Zeip.dll

Resource

win7-20230220-en

gozi 20007 banker isfb trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

Zeip.dll

Resource

win10v2004-20230220-en

gozi 20007 banker isfb trojan

windows10-2004-x64

17 signatures

150 seconds

General

Target

Zeip.rar
Size

327KB
MD5

bf33e44727e620db9a9a59af34897b30
SHA1

3d37856e97ccd448980fe2353cd827915ebebfcb
SHA256

c1a5c9bd418096bef1a09ecd02a577cafe3ed242e0cc65159b17c3c5cecec5fa
SHA512

449bf2483a27fb258a9fac65dccbf707fca3e27f33189c4498cda65c3deaf4dbff796da161a9e3ef5c4c12fe4b91448e3c23b7d50ddde0cb3ba35ceda3055abf
SSDEEP

6144:+9YFUzVYbaRV3m/8deYTMVS67XnE/v7IZHXWZxVO/v46+f9:+9GZaRm/8kFv7XnyjSmZWv46+f9

Score

1^/10

Malware Config

Signatures

Files

Zeip.rar
.rar
Zeip.dll
.dll windows x86

1327f719970881469cd7121ac3664f2e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertDeleteCertificateFromStore

winmm

midiStreamClose

kernel32

GetUserDefaultLangID
GetModuleFileNameW
GetBinaryTypeW
WaitForSingleObjectEx
FindVolumeClose
AddRefActCtx
GetModuleFileNameA
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
CreateEventA

user32

IsChild
TrackPopupMenuEx
GetFocus
HiliteMenuItem
IsCharAlphaNumericW
SetClipboardData
InflateRect
GetSystemMetrics
AttachThreadInput

advapi32

CryptHashSessionKey
RegOverridePredefKey

powrprof

ReadPwrScheme

gdi32

DeleteObject
CreateFontIndirectA

ole32

OleConvertIStorageToOLESTREAMEx
CoCancelCall

msvcrt

memset

ws2_32

select

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 360KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300.0MB - Virtual size: 300.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy