Overview

overview

10

Static

static

zeus 1_1.3...ir.exe

windows7_x64

10

zeus 1_1.3...ir.exe

windows10_x64

1

Analysis

  • max time kernel
    43s
  • max time network
    43s
  • platform
    windows7_x64
  • resource
    win7v200430
  • submitted
    19-07-2020 19:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    zeus 1_1.3.3.3.vir.exe

  • Size

    116KB

  • MD5

    5a45eed010e1bf8b28185432898dbc4e

  • SHA1

    0ce7cb4fe4d2219947ffc6f3b3b85bb4adfbc95e

  • SHA256

    7a0eadac8671732b6d1d6de37fa37cbf0cab61af3b9720bce64734bd4ac4f19e

  • SHA512

    142ce172c78a89f1398d6b82d5e00f326a86bbddf2c520b334721d6191d1b1e993fafbfbbb255e533f0ecacabab7c3e9ea6de03a9be301140811a6e0242c0c9b

Score
10/10
persistence

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Modifies WinLogon for persistence 2 TTPs 1 IoCs
    persistence
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\zeus 1_1.3.3.3.vir.exe
    "C:\Users\Admin\AppData\Local\Temp\zeus 1_1.3.3.3.vir.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Modifies WinLogon for persistence
    • Drops file in System32 directory
    PID:1068

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

1
T1004

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads