General

  • Size

    156KB

  • Sample

    200719-gxdsxx7dlx

  • MD5

    b9c618bfccb4c700f538415b4a475992

  • SHA1

    e548106618d37564ec9271cd622f980837e98057

  • SHA256

    8df08ecd3c08c6e28a5d73869b6c3a980363856cce72dd9a1c2170c75332a451

  • SHA512

    a59497535a32eb78c25472b10208be8221a6318e465af328de3ecd1a4157673494784f97305f2c0b8a9607f9fd2f03fff380275123eb5bf91613389a3f0d3328

Score
10/10

Malware Config

Targets

    • Target

      zeus 1_1.2.4.10.vir

    Score
    10/10
    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Matrix

  • Collection

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Discovery

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Persistence

  • Privilege Escalation