7603db669c807f811b12ddfb14b4d85850ab916983dff5944fd08c307c69b665 | Triage

Sharing

General

Target

zeus 1_1.2.7.19.vir
Size

86KB
Sample

200719-rncp4162w6
MD5

a96c5da33171b8dd4e056fadfb7b003b
SHA1

056dadbcd421c8e53300d0d49d746fcfef4a71d7
SHA256

7603db669c807f811b12ddfb14b4d85850ab916983dff5944fd08c307c69b665
SHA512

487c907dcc18c435665db95219daccaf407a0eba36a5feef7ef7f02d1db2ef06918d4b63e31e12ac398c90e43c1f3be81b5977bc37f5b2ce20ae02c82b3cc48e

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  zeus 1_1.2.7.19.vir
- Size
  
  86KB
- MD5
  
  a96c5da33171b8dd4e056fadfb7b003b
- SHA1
  
  056dadbcd421c8e53300d0d49d746fcfef4a71d7
- SHA256
  
  7603db669c807f811b12ddfb14b4d85850ab916983dff5944fd08c307c69b665
- SHA512
  
  487c907dcc18c435665db95219daccaf407a0eba36a5feef7ef7f02d1db2ef06918d4b63e31e12ac398c90e43c1f3be81b5977bc37f5b2ce20ae02c82b3cc48e
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2