zingo | 9dfef3d3c0b740f2c1604344647af61b3780fba0ba1902df114f4b746fb166b5 | Triage

Submit
Reports

Overview

overview

Static

static

9dfef3d3c0...b5.exe

windows7-x64

9dfef3d3c0...b5.exe

windows10-2004-x64

Sharing

General

Target

9dfef3d3c0b740f2c1604344647af61b3780fba0ba1902df114f4b746fb166b5
Size

54KB
Sample

220930-wfemvafcfk
MD5

b5282d498ca119c35cdbae2d0783dbfd
SHA1

d2acb7d1c31e3035386194c09a56f7e22de162d6
SHA256

9dfef3d3c0b740f2c1604344647af61b3780fba0ba1902df114f4b746fb166b5
SHA512

7ac7758bc08b0f2075a79196ab85df976fa36ed380b0b8f81739005d92a58a91e55ba845337ab08dcf78d05c31735dbb3835549a6c7416e9a523864ab594add3
SSDEEP

768:VzoZgTk0MRUQDbDySGol+1R/8LGRaUh1GM78EEcOwPsiX/z+h:JoZgTPsbDySGol+ELC1NAfG/g

Score

10^/10

zingo spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

9dfef3d3c0b740f2c1604344647af61b3780fba0ba1902df114f4b746fb166b5.exe

Resource

win7-20220812-en

zingo spyware stealer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

9dfef3d3c0b740f2c1604344647af61b3780fba0ba1902df114f4b746fb166b5.exe

Resource

win10v2004-20220901-en

zingo spyware stealer trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  9dfef3d3c0b740f2c1604344647af61b3780fba0ba1902df114f4b746fb166b5
- Size
  
  54KB
- MD5
  
  b5282d498ca119c35cdbae2d0783dbfd
- SHA1
  
  d2acb7d1c31e3035386194c09a56f7e22de162d6
- SHA256
  
  9dfef3d3c0b740f2c1604344647af61b3780fba0ba1902df114f4b746fb166b5
- SHA512
  
  7ac7758bc08b0f2075a79196ab85df976fa36ed380b0b8f81739005d92a58a91e55ba845337ab08dcf78d05c31735dbb3835549a6c7416e9a523864ab594add3
- SSDEEP
  
  768:VzoZgTk0MRUQDbDySGol+1R/8LGRaUh1GM78EEcOwPsiX/z+h:JoZgTPsbDySGol+ELC1NAfG/g
Score

10^/10

zingo spyware stealer trojan
- Zingo stealer
  Zingo is an info stealer first seen in March 2022.
  stealer trojan zingo
- Zingo stealer payload
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

zingospywarestealertrojan

behavioral2

zingospywarestealertrojan

© 2018-2024

Terms | Privacy