zingo | 50a82a2406642ccb929c5735e0c2ab719d524c8ced941ea012a500d60210e969 | Triage

Submit
Reports

Overview

overview

Static

static

50a82a2406...69.exe

windows7-x64

50a82a2406...69.exe

windows10-2004-x64

Sharing

General

Target

50a82a2406642ccb929c5735e0c2ab719d524c8ced941ea012a500d60210e969.bin
Size

184KB
Sample

220922-pk7e4afcak
MD5

dc9d5e5265e17186216b1a3f452cc717
SHA1

3cff6ec84b1cf12c8047861549067d0e2b89653c
SHA256

50a82a2406642ccb929c5735e0c2ab719d524c8ced941ea012a500d60210e969
SHA512

f5b02972f203927fb885d042ab6eb17d32ff970858aea28e2f8e6d3cfeedc56bf88030046a48ae57b694a673c9fa2a88f0a7e7f195c60f175b0429b4c7746e00
SSDEEP

3072:Fu6AiIqx+3Xp9s5qbzcpaJso4aDnanbkoAV/jGiL2UTp3jpWQOR1sw2:gYAXp25+YOso4aobkoAV/jGiL2UTp3jU

Score

10^/10

zingo spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

50a82a2406642ccb929c5735e0c2ab719d524c8ced941ea012a500d60210e969.exe

Resource

win7-20220812-en

zingo spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

50a82a2406642ccb929c5735e0c2ab719d524c8ced941ea012a500d60210e969.exe

Resource

win10v2004-20220901-en

zingo spyware stealer trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  50a82a2406642ccb929c5735e0c2ab719d524c8ced941ea012a500d60210e969.bin
- Size
  
  184KB
- MD5
  
  dc9d5e5265e17186216b1a3f452cc717
- SHA1
  
  3cff6ec84b1cf12c8047861549067d0e2b89653c
- SHA256
  
  50a82a2406642ccb929c5735e0c2ab719d524c8ced941ea012a500d60210e969
- SHA512
  
  f5b02972f203927fb885d042ab6eb17d32ff970858aea28e2f8e6d3cfeedc56bf88030046a48ae57b694a673c9fa2a88f0a7e7f195c60f175b0429b4c7746e00
- SSDEEP
  
  3072:Fu6AiIqx+3Xp9s5qbzcpaJso4aDnanbkoAV/jGiL2UTp3jpWQOR1sw2:gYAXp25+YOso4aobkoAV/jGiL2UTp3jU
Score

10^/10

zingo spyware stealer trojan
- Zingo stealer
  Zingo is an info stealer first seen in March 2022.
  stealer trojan zingo
- Zingo stealer payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

zingospywarestealertrojan

behavioral2

zingospywarestealertrojan

© 2018-2024

Terms | Privacy