General
-
Target
zeusx_1.1.4.1.vir
-
Size
145KB
-
Sample
200719-lh48qd7ghj
-
MD5
fa3efd43540aa0685ccc1b83ef61609d
-
SHA1
2f91156e75565f0e13e32c22a76739813ae7553b
-
SHA256
65bb15f0e438e2c4334b1c3a83cbcb465cee8173a93dcb3ec4cb8e2237b57707
-
SHA512
183c8bc925e75e1b23ff1f83b60ced35679444c50e07515d7deed7a0823bede5f028f519281215e73f85db641923ad1dcfa75230584f3034db13d752033fa3f0
Static task
static1
Behavioral task
behavioral1
Sample
zeusx_1.1.4.1.vir.exe
Resource
win7
Behavioral task
behavioral2
Sample
zeusx_1.1.4.1.vir.exe
Resource
win10
Malware Config
Targets
Score
8/10
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-