ada8120e497902f56c052282f3bc7083aa91c5094acb903c3b4364b330ed4ffe | Triage

Sharing

General

Target

zeus 1_1.3.1.9.vir
Size

152KB
Sample

200719-8azjx3ds8x
MD5

5a4a21b9f5d9b1b1a6ace393036121d0
SHA1

fe878c60f202afd843f5bbfa76ca0c8c5738cbc9
SHA256

ada8120e497902f56c052282f3bc7083aa91c5094acb903c3b4364b330ed4ffe
SHA512

6ef1716184439aa512fe93a50d29ea04f20d43ebea21eaec62a2b70e936ad1d45ceb591e7c6483ca6674e37c3d0bd8739590b68beebb3aa7fbd0b1c6fe6cee53

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  zeus 1_1.3.1.9.vir
- Size
  
  152KB
- MD5
  
  5a4a21b9f5d9b1b1a6ace393036121d0
- SHA1
  
  fe878c60f202afd843f5bbfa76ca0c8c5738cbc9
- SHA256
  
  ada8120e497902f56c052282f3bc7083aa91c5094acb903c3b4364b330ed4ffe
- SHA512
  
  6ef1716184439aa512fe93a50d29ea04f20d43ebea21eaec62a2b70e936ad1d45ceb591e7c6483ca6674e37c3d0bd8739590b68beebb3aa7fbd0b1c6fe6cee53
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2