General

  • Target

    50a82a2406642ccb929c5735e0c2ab719d524c8ced941ea012a500d60210e969.bin

  • Size

    184KB

  • Sample

    220922-pk7e4afcak

  • MD5

    dc9d5e5265e17186216b1a3f452cc717

  • SHA1

    3cff6ec84b1cf12c8047861549067d0e2b89653c

  • SHA256

    50a82a2406642ccb929c5735e0c2ab719d524c8ced941ea012a500d60210e969

  • SHA512

    f5b02972f203927fb885d042ab6eb17d32ff970858aea28e2f8e6d3cfeedc56bf88030046a48ae57b694a673c9fa2a88f0a7e7f195c60f175b0429b4c7746e00

  • SSDEEP

    3072:Fu6AiIqx+3Xp9s5qbzcpaJso4aDnanbkoAV/jGiL2UTp3jpWQOR1sw2:gYAXp25+YOso4aobkoAV/jGiL2UTp3jU

Malware Config

Targets

    • Target

      50a82a2406642ccb929c5735e0c2ab719d524c8ced941ea012a500d60210e969.bin

    • Size

      184KB

    • MD5

      dc9d5e5265e17186216b1a3f452cc717

    • SHA1

      3cff6ec84b1cf12c8047861549067d0e2b89653c

    • SHA256

      50a82a2406642ccb929c5735e0c2ab719d524c8ced941ea012a500d60210e969

    • SHA512

      f5b02972f203927fb885d042ab6eb17d32ff970858aea28e2f8e6d3cfeedc56bf88030046a48ae57b694a673c9fa2a88f0a7e7f195c60f175b0429b4c7746e00

    • SSDEEP

      3072:Fu6AiIqx+3Xp9s5qbzcpaJso4aDnanbkoAV/jGiL2UTp3jpWQOR1sw2:gYAXp25+YOso4aobkoAV/jGiL2UTp3jU

    • Zingo stealer

      Zingo is an info stealer first seen in March 2022.

    • Zingo stealer payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix

Command and Control

    Credential Access

    Defense Evasion

      Execution

        Exfiltration

          Impact

            Initial Access

              Lateral Movement

                Persistence

                  Privilege Escalation

                    Tasks