General
Target: zeus 2_2.1.0.3.vir
Size: 199KB
Sample: 200719-14ly3dznas
MD5: dc6b98b9707c0922ab6a53b3efdd5dac
SHA1: a72e76fbd5dfa53b3d27ed9d9e6d194a085d7d0e
SHA256: f55d6bd5f13356eda64fae070a5eee1a080f06a0aa69bdd7e137496d88346be3
SHA512: 04b730c73876fc89eb465ebc069ad1e1bdbfbf5d1654a4bb49457d87ec290dd1832a571dea47adabea0d3f3c0461f8ce70d10fe2e4a82cbb698fed254c5d269b
Static task: static1
Behavioral task: behavioral1
Sample: zeus 2_2.1.0.3.vir.exe
Resource: win7
Behavioral task: behavioral2
Sample: zeus 2_2.1.0.3.vir.exe
Resource: win10v200430
Malware Config
Targets
Target: zeus 2_2.1.0.3.vir
Score: 9/10
Grants admin privileges: Uses net.exe to modify the user's privileges.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Modifies WinLogon
Suspicious use of SetThreadContext