General

  • Target

    Zeus 0.2.exe

  • Size

    18.2MB

  • Sample

    230318-abwjxaae44

  • MD5

    1e97f6146a4c217ec9a28bfaee9fea07

  • SHA1

    6d3c051502dd24e6ff671dea5e973eb08108c3f6

  • SHA256

    72f4ad18fe9b73073d10ea4b8efea0f0f9c148e823388dc7fda4677b28a5dc69

  • SHA512

    4bf7846b8bc33a7444b5db464be85f593432dd8578cedeb332227e4b746ee67160f0dda57dc7c637c79da060cfa2a4a445d296ea6f3c7ad9a7fb851966fc081e

  • SSDEEP

    393216:aGpv+yh9ROf731uB74xoB+yyBhQFMgqS0XvZSVP0Feh1Kc:7vl473C4okPLQCgpIY1yc

Score
7/10

Malware Config

Targets

    • Target

      Zeus 0.2.exe

    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry: 1 (T1012)

  • Peripheral Device Discovery: 1 (T1120)

  • System Information Discovery: 1 (T1082)

Tasks