General

  • Target

    6932e44a665175ade52304fa4822afc55a98a82251eaeb5419a308aee608163c.bin

  • Size

    171KB

  • Sample

    220922-pk8yxsfcam

  • MD5

    b1c7656b7764c44b14a63b9846c4972a

  • SHA1

    9587d32d61ce38d5cdd56e06ac59a2fd89f0a3fc

  • SHA256

    6932e44a665175ade52304fa4822afc55a98a82251eaeb5419a308aee608163c

  • SHA512

    462ff2516ca33fd60d597a5c2801a077b070947c58070e6db0ad6def0fa329b6052f46c439a85d7cfc7208d405e307ac1e5b908c703a277bc85f8eacbf6fbb59

  • SSDEEP

    3072:qU8x1Vr9WqOrb3AXMEt9uq6XVLY9FQSrZvak+f9ya45eE0BtUnbRW0:4x1p9WqGTaFYFm9FQSrZvak+f9ya45ez

Malware Config

Targets

    • Target

      6932e44a665175ade52304fa4822afc55a98a82251eaeb5419a308aee608163c.bin

    • Size

      171KB

    • MD5

      b1c7656b7764c44b14a63b9846c4972a

    • SHA1

      9587d32d61ce38d5cdd56e06ac59a2fd89f0a3fc

    • SHA256

      6932e44a665175ade52304fa4822afc55a98a82251eaeb5419a308aee608163c

    • SHA512

      462ff2516ca33fd60d597a5c2801a077b070947c58070e6db0ad6def0fa329b6052f46c439a85d7cfc7208d405e307ac1e5b908c703a277bc85f8eacbf6fbb59

    • SSDEEP

      3072:qU8x1Vr9WqOrb3AXMEt9uq6XVLY9FQSrZvak+f9ya45eE0BtUnbRW0:4x1p9WqGTaFYFm9FQSrZvak+f9ya45ez

    • Zingo stealer

      Zingo is an info stealer first seen in March 2022.

    • Zingo stealer payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix

Command and Control

    Credential Access

    Defense Evasion

      Execution

        Exfiltration

          Impact

            Initial Access

              Lateral Movement

                Persistence

                  Privilege Escalation

                    Tasks