Overview

overview

8

Static

static

zeus 2_2.0...ir.exe

windows7_x64

8

zeus 2_2.0...ir.exe

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    zeus 2_2.0.9.1.vir

  • Size

    181KB

  • Sample

    200719-abcgc9eqfx

  • MD5

    fdc2de460d937d15c02d0886e8f5ed4c

  • SHA1

    f37b723d5605ce1cec1bbbd540b434afb9c9ba12

  • SHA256

    0d96c8a11fe748d1258fc20378d3e354fd468dd7ba9d07670497024b6fb03406

  • SHA512

    756bb90f34bd55bb2e84e8530bd55e9aa8dc57302189530c2a0257d06397a0aa3fb58d3df3724beaf964e5581b8e118378c3eee3e95ec0483f72368313cadffd

Score
8/10
persistence

Malware Config

Targets

    • Target

      zeus 2_2.0.9.1.vir

    • Size

      181KB

    • MD5

      fdc2de460d937d15c02d0886e8f5ed4c

    • SHA1

      f37b723d5605ce1cec1bbbd540b434afb9c9ba12

    • SHA256

      0d96c8a11fe748d1258fc20378d3e354fd468dd7ba9d07670497024b6fb03406

    • SHA512

      756bb90f34bd55bb2e84e8530bd55e9aa8dc57302189530c2a0257d06397a0aa3fb58d3df3724beaf964e5581b8e118378c3eee3e95ec0483f72368313cadffd

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks