flash

zeusaes_2.7.7.3.exe

Status: finished
Submission Time: 19.07.2020 21:31:46
Malicious

Comments

Tags

  • zeusaes

Details

  • Analysis ID:
    247338
  • API (Web) ID:
    390311
  • Analysis Started:
    20.07.2020 03:27:53
  • Analysis Finished:
    20.07.2020 03:38:06
  • MD5:
    354f372a0e38336f3a6c9e341f8ed271
  • SHA1:
    6ece6eae832907eeffcc69d886ae0b2d644ba3c0
  • SHA256:
    87c779ed21a3c5abb368edd0472968f7f4f3c839fa8ac6ed058bfbee6c6c056a
  • Technologies:
Full Report Engine Info Verdict Score Reports

malicious

System: w10x64 Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
60/100

System: w10x64 Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Run Condition: Run with higher sleep bypass

malicious
60/100

malicious
61/70

malicious
30/43

malicious
22/25

malicious

IPs

IP Country Detection
2.7.7.3
France

Dropped files

Name File Type Hashes Detection
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_zeusaes_2.7.7.3._f0bb91026df1211aa97a2ed88eedc49eeda2d9_a0b261a6_128ef726\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
#
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREDBF.tmp.dmp
Mini DuMP crash report, 14 streams, Mon Jul 20 01:29:27 2020, 0x1205a4 type
#
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREFC4.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
#
Click to see the 1 hidden entries
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF052.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
#