General

  • Target

    zeus 1_1.2.7.18.vir

  • Size

    236KB

  • Sample

    200719-nq2168z9te

  • MD5

    eeccb8ea9937e00358b11af24b5eeee4

  • SHA1

    1c8d7676a6266c354734399b7e15cf293fcf1ee0

  • SHA256

    f797a6431426ff04d0640dc3ae0aa4db3f0232d5d0cef3b7df9cd05da5d3acdb

  • SHA512

    fdec7db2c4c103eef2cb9640d93f2a029e88430a513b919cb4eebca9ada03b1501516702bd1a45af8794c118ae5fef8c0765ba493cb605a6a1e708bb20eac31b

Score
10/10

Malware Config

Targets

    • Target

      zeus 1_1.2.7.18.vir

    • Modifies WinLogon for persistence

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Winlogon Helper DLL (T1004): 1

  • Defense Evasion

    Modify Registry (T1112): 1

Tasks