Overview

overview

10

Static

static

zeus 1_1.2...ir.exe

windows7_x64

3

zeus 1_1.2...ir.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    zeus 1_1.2.4.8.vir

  • Size

    1.1MB

  • Sample

    200719-wsv98kxpe2

  • MD5

    4ba952b428c9969263f5d346f4500ae3

  • SHA1

    41d627d46dd3916868b6c843f23925966f091d53

  • SHA256

    5969cc370c2929ff7126536d7305f923a2ed66427932ede1b6ef21a7918c9b53

  • SHA512

    780331e7c0305a1ba13c50122fa5474ec3b7c91590c7c6a04b1c96e496d982b95d41ab009aaa4a47fe3bc63ab642f53f1b02fa75f1da7cc95d422000c759ad9e

Score
10/10
persistence

Malware Config

Targets

    • Target

      zeus 1_1.2.4.8.vir

    • Size

      1.1MB

    • MD5

      4ba952b428c9969263f5d346f4500ae3

    • SHA1

      41d627d46dd3916868b6c843f23925966f091d53

    • SHA256

      5969cc370c2929ff7126536d7305f923a2ed66427932ede1b6ef21a7918c9b53

    • SHA512

      780331e7c0305a1ba13c50122fa5474ec3b7c91590c7c6a04b1c96e496d982b95d41ab009aaa4a47fe3bc63ab642f53f1b02fa75f1da7cc95d422000c759ad9e

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

1
T1004

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks