51a5b26ec3238ab826baf519565e861b67e7db782dd3ee5e2058fc4931a52c40 | Triage

Sharing

General

Target

zeus 1_1.2.1.10.vir
Size

121KB
Sample

200719-ttjy2p5ay6
MD5

3a2fae0e8b886f60ee5248f23c633979
SHA1

c46c7c0c6dafc64cb7e7112638a8962483382800
SHA256

51a5b26ec3238ab826baf519565e861b67e7db782dd3ee5e2058fc4931a52c40
SHA512

3d73aac04cc756eb1e20baad6e33877b0eb2c0b2b14580e4fd9825169569c8525f35c7a895f580067c6c1274896f24d9e5da42edfb71198b968bda91a3dc53ca

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  zeus 1_1.2.1.10.vir
- Size
  
  121KB
- MD5
  
  3a2fae0e8b886f60ee5248f23c633979
- SHA1
  
  c46c7c0c6dafc64cb7e7112638a8962483382800
- SHA256
  
  51a5b26ec3238ab826baf519565e861b67e7db782dd3ee5e2058fc4931a52c40
- SHA512
  
  3d73aac04cc756eb1e20baad6e33877b0eb2c0b2b14580e4fd9825169569c8525f35c7a895f580067c6c1274896f24d9e5da42edfb71198b968bda91a3dc53ca
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2