Overview

overview

10

Static

static

zeus 1_1.2...ir.exe

windows7_x64

3

zeus 1_1.2...ir.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    zeus 1_1.2.4.5.vir

  • Size

    100KB

  • Sample

    200719-19637plhja

  • MD5

    83b02f124378c926e5302bcdbf0d4356

  • SHA1

    50fa333d61e3afb5f147939bffa45c15ba3f3a58

  • SHA256

    9eabb73fe305b3afaba2e0340c7e8cc8aa468769f9d55c3d967877596c856c3d

  • SHA512

    310befbad58619905bfe63ae9eae15a8c4ee8b0ab0337e5a650dfaedd45be29c774d3eb7edff4070ff3f6263624b8b2be491d58d9d4d0cbad16a162f11471aa9

Score
10/10

Malware Config

Targets

    • Target

      zeus 1_1.2.4.5.vir

    • Size

      100KB

    • MD5

      83b02f124378c926e5302bcdbf0d4356

    • SHA1

      50fa333d61e3afb5f147939bffa45c15ba3f3a58

    • SHA256

      9eabb73fe305b3afaba2e0340c7e8cc8aa468769f9d55c3d967877596c856c3d

    • SHA512

      310befbad58619905bfe63ae9eae15a8c4ee8b0ab0337e5a650dfaedd45be29c774d3eb7edff4070ff3f6263624b8b2be491d58d9d4d0cbad16a162f11471aa9

    Score
    10/10

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks