General
-
Target
SecuriteInfo.com.Variant.Zusy.307926.26624.1627
-
Size
579KB
-
Sample
200630-arjtw3tkmx
-
MD5
09d36e00dae946e89fa442c410359e92
-
SHA1
990cb82fd620d8b5a0fd8e11be067532d31a4e04
-
SHA256
17ddc83d49b6cd1d511e8c5498c44d8b4bdbbb69b13011a180f8bded117ff2f7
-
SHA512
6f8782c482a5d2d3767d64f09146c1da1b4500a4bcbf87dae86896407582a6e90c35146746013b9440955f7ba578eafa266102c5f7cb3eda3a9d5d7e333bfbb8
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Variant.Zusy.307926.26624.1627.dll
Resource
win7
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Variant.Zusy.307926.26624.1627
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Blacklisted process makes network request
-
Suspicious use of SetThreadContext
-