Analysis
max time kernel: 139s
max time network: 144s
platform: windows7_x64
resource: win7
submitted: 14-09-2020 16:58
Static task: static1

Behavioral task: behavioral1
Sample: zupal32.bin.exe
Resource: win7, windows7_x64
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: zupal32.bin.exe
Resource: win10v200722, windows10_x64
0 signatures, 0 seconds
General
Target: zupal32.bin.exe
Size: 5.2MB
MD5: 3ab9af930facd4f8d7e0d49bf7077034
SHA1: 00d53122b01f8939369f90e8ecb4b560b4d5e4a2
SHA256: ade0d7fbdcb34d7cbd220beb9c3c2484f7ce05c11043bd5ed64df239f5039ba7
SHA512: 376ed0d9bc696d6f1a10e2cb67f170870aff32aa6e3e4f6b5a5f4da85116afaa6b2e7b5e6652ca8361524ebf55effe7394bc888d674afc3d99b7745476129633
Score: 1/10
Malware Config
Signatures

Gathers system information (1 TTPs, 1 IoCs)
Runs systeminfo.exe.

GoLang User-Agent (1 IoCs)
Uses default user-agent string defined by GoLang HTTP packages.
Processes:
description | flow | ioc
HTTP User-Agent header | 5 | Go-http-client/1.1

Suspicious use of WriteProcessMemory (4 IoCs)
Processes: zupal32.bin.exe
description | pid | process | target process
PID 1316 wrote to memory of 1696 | 1316 | zupal32.bin.exe | Systeminfo.exe
PID 1316 wrote to memory of 1696 | 1316 | zupal32.bin.exe | Systeminfo.exe
PID 1316 wrote to memory of 1696 | 1316 | zupal32.bin.exe | Systeminfo.exe
PID 1316 wrote to memory of 1696 | 1316 | zupal32.bin.exe | Systeminfo.exe