zebrocy | f868e88eb2524d15cfcd87afdf697074e0f9785792f342044501347dce549a1f

Resubmissions

25-01-2021 08:35

210125-cq2gjr6x2s 10

30-07-2019 12:34

190730-twrv8j2yqn 0

Sharing

Copy URL

Twitter E-mail

General

Target

m)hhm.exe
Size

3.5MB
Sample

210125-cq2gjr6x2s
MD5

6bc5f53d4082f12dd83aca45bae81e64
SHA1

1fb4cd155393db202b0ceed59ff49a10329b2592
SHA256

f868e88eb2524d15cfcd87afdf697074e0f9785792f342044501347dce549a1f
SHA512

05b430fe0a57373098e648fa19e3ef47b5e64ecb6fca414e8b7b66c23d7c6da626f6ac3c15115edde4421344b0ead7a6ea015791f42d853fe14af631cbca831e

Score

10^/10

zebrocy persistence

Malware Config

Extracted

Family

zebrocy

http://89.37.226.148/technet-support/library/online-service-description.php?id_name=

Targets

- Target
  
  m)hhm.exe
- Size
  
  3.5MB
- MD5
  
  6bc5f53d4082f12dd83aca45bae81e64
- SHA1
  
  1fb4cd155393db202b0ceed59ff49a10329b2592
- SHA256
  
  f868e88eb2524d15cfcd87afdf697074e0f9785792f342044501347dce549a1f
- SHA512
  
  05b430fe0a57373098e648fa19e3ef47b5e64ecb6fca414e8b7b66c23d7c6da626f6ac3c15115edde4421344b0ead7a6ea015791f42d853fe14af631cbca831e
Score

10^/10

persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Process Discovery

T1057

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2