Overview

overview

10

Static

static

zeus 1_1.2...ir.exe

windows7_x64

3

zeus 1_1.2...ir.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    zeus 1_1.2.7.1.vir

  • Size

    405KB

  • Sample

    200719-k6626vt7v6

  • MD5

    718a7e9806c6de7ae32a5ff211e6a440

  • SHA1

    9dae8fb8059b29aaea77c4d7b8692256cbf15dc5

  • SHA256

    e41a2e2c7225a85f1ed1638e93d1ced20be49c4f59315d1b0beca7fd7015ecee

  • SHA512

    8bd934ef0fe17cfc7904b0498b3f2352bc77d4ea7a749b3f7aa19789603bb448844fa4a256159f48c2b40ae49a170ab71d0d80edcffb9869ebe2a9edd8e2a365

Score
10/10
persistence

Malware Config

Targets

    • Target

      zeus 1_1.2.7.1.vir

    • Size

      405KB

    • MD5

      718a7e9806c6de7ae32a5ff211e6a440

    • SHA1

      9dae8fb8059b29aaea77c4d7b8692256cbf15dc5

    • SHA256

      e41a2e2c7225a85f1ed1638e93d1ced20be49c4f59315d1b0beca7fd7015ecee

    • SHA512

      8bd934ef0fe17cfc7904b0498b3f2352bc77d4ea7a749b3f7aa19789603bb448844fa4a256159f48c2b40ae49a170ab71d0d80edcffb9869ebe2a9edd8e2a365

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

1
T1004

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks