General
-
Target
vmzeus_3.2.8.1.vir
-
Size
265KB
-
Sample
200719-rdvz2shlkx
-
MD5
0422542c1ff6ffbffeeef1737344b3da
-
SHA1
9594c25b3df6a2e417a8ffa693474284829aade0
-
SHA256
7b6d799270931ac8653e17960b95378a67c532cc4c9ea485e4f3430a58089f97
-
SHA512
de1d04bee6c2bacfb09da13732a10daa03a6003e060ff7ce8dd61ad809a96caa33d9bb96bd3b6b4bcb919385ba4764670af9edf58ede21f69643dc8a3d61b6ea
Static task
static1
Behavioral task
behavioral1
Sample
vmzeus_3.2.8.1.vir.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
vmzeus_3.2.8.1.vir.exe
Resource
win10
Malware Config
Targets
-
-
Target
vmzeus_3.2.8.1.vir
-
Score
8/10
-
Executes dropped EXE
-
Deletes itself
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Adds Run key to start application
-