zebrocy | f36a0ee7f4ec23765bb28fbfa734e402042278864e246a54b8c4db6f58275662 | Triage

Submit
Reports

Overview

overview

Static

static

test

windows7_x64

Sharing

General

Target

243_BIO_SINOPHARM.exe
Size

4.7MB
Sample

201209-mxcxpfvz9e
MD5

49a34cfbeed733c24392c9217ef46bb6
SHA1

fbe27e84dd553477894242844652a30eb7d713bc
SHA256

f36a0ee7f4ec23765bb28fbfa734e402042278864e246a54b8c4db6f58275662
SHA512

bc939a0b0c8472a3388ccbf298983d6d720e1c740f0f61008713a357b909743e3b1bb3b618f048a25fb95b8b5d8d159e593e5876a4bed0f0e95c7ffa9783ebcd

Score

10^/10

zebrocy

Static task

static1

Behavioral task

behavioral1

Sample

243_BIO_SINOPHARM.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

zebrocy

C2

/managment/cb-secure/technology.php

Targets

- Target
  
  243_BIO_SINOPHARM.exe
- Size
  
  4.7MB
- MD5
  
  49a34cfbeed733c24392c9217ef46bb6
- SHA1
  
  fbe27e84dd553477894242844652a30eb7d713bc
- SHA256
  
  f36a0ee7f4ec23765bb28fbfa734e402042278864e246a54b8c4db6f58275662
- SHA512
  
  bc939a0b0c8472a3388ccbf298983d6d720e1c740f0f61008713a357b909743e3b1bb3b618f048a25fb95b8b5d8d159e593e5876a4bed0f0e95c7ffa9783ebcd
Score

10^/10
- Executes dropped EXE
- Deletes itself
- JavaScript code in executable
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy