General Information

  • Date: 20.07.2020
  • Duration: 0h 2m 41s
  • Sample file name: zeus 1_1.3.3.6.vir (renamed file extension from vir to exe)
  • Cookbook: default.jbs
  • Filetype: exe

Detection

MALICIOUS
    • Found 3 malicious signatures
    • Contacts 1 domain/IP
    • Launches 2 processes
    • Drops 4 files

Signature Overview

    Behavior Graph (ID: 247352)
    Sample: zeus 1_1.3.3.6.vir, Startdate: 20/07/2020, Architecture: WINDOWS, Score: 60

    • Signatures: Antivirus / Scanner detection for submitted sample; Multi AV Scanner detection for submitted file; Machine Learning detection for sample
    • Process: zeus 1_1.3.3.6.exe (started)
    • zeus 1_1.3.3.6.exe → DNS/IP: 1.3.3.6 (CLOUDFLARENETUS, China)
    • zeus 1_1.3.3.6.exe → Process: WerFault.exe 28 10 (started)

    Contacted Public IPs

    IP        Country   ASN     ASN Name          Malicious
    1.3.3.6   China     13335   CLOUDFLARENETUS   false