Overview

overview

10

Static

static

zeus 1_1.3...ir.exe

windows7_x64

10

zeus 1_1.3...ir.exe

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    zeus 1_1.3.3.1.vir

  • Size

    141KB

  • Sample

    200719-d4g7es2q9a

  • MD5

    e71c08a1ff2b9528980b064dad367106

  • SHA1

    25903fc6a76bccc1fc3582cdea14a4d282ef5076

  • SHA256

    c1c21947e1a6d21286c6aabf649edaf9796789885fbaba5b62a91f7b5e581091

  • SHA512

    2d18b1037a07aacfe1ed7dead17efb9756066f5aff0d62abba22c8bf8a6beaf2db4c5220063d5b140fcafaa524d47e677c38e7ee07765bc5031ce715a0e3a935

Score
10/10
persistence

Malware Config

Targets

    • Target

      zeus 1_1.3.3.1.vir

    • Size

      141KB

    • MD5

      e71c08a1ff2b9528980b064dad367106

    • SHA1

      25903fc6a76bccc1fc3582cdea14a4d282ef5076

    • SHA256

      c1c21947e1a6d21286c6aabf649edaf9796789885fbaba5b62a91f7b5e581091

    • SHA512

      2d18b1037a07aacfe1ed7dead17efb9756066f5aff0d62abba22c8bf8a6beaf2db4c5220063d5b140fcafaa524d47e677c38e7ee07765bc5031ce715a0e3a935

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

1
T1004

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks