Overview

overview

10

Static

static

zeus 1_1.2...ir.exe

windows7_x64

3

zeus 1_1.2...ir.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    zeus 1_1.2.1.4.vir

  • Size

    479KB

  • Sample

    200719-3q1alnyxy6

  • MD5

    1d1b1602c073e6c145c16536d37db0df

  • SHA1

    b075fccf8edca14e8045f18fbdc9909a40f3f2a7

  • SHA256

    0784858faba61fdacdad3f9dce2a0803147be628aab9eeb2c8de0663010cd263

  • SHA512

    db854a6c409242c5221f6b4257d5afaf7ba873ba4e814dadcf725937e81aaa91aa3f58fecc163654915f8bd17a1820f1100ddf8cb82e88d99b3c87849695ffd9

Score
10/10
persistence

Malware Config

Targets

    • Target

      zeus 1_1.2.1.4.vir

    • Size

      479KB

    • MD5

      1d1b1602c073e6c145c16536d37db0df

    • SHA1

      b075fccf8edca14e8045f18fbdc9909a40f3f2a7

    • SHA256

      0784858faba61fdacdad3f9dce2a0803147be628aab9eeb2c8de0663010cd263

    • SHA512

      db854a6c409242c5221f6b4257d5afaf7ba873ba4e814dadcf725937e81aaa91aa3f58fecc163654915f8bd17a1820f1100ddf8cb82e88d99b3c87849695ffd9

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

1
T1004

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks