General
Target: Ziproar.exe.7z
Size: 1.0MB
Sample: 221123-z3dkvahe2t
MD5: 176298c19fb99298e0e2eb0f96f7a1b4
SHA1: f8d34aa47a7a552a0877486cbbd9faa03843cdc1
SHA256: c3ca6ff83b2c833c430b8a13bc767df391de562031b38db0f01ee2cad6a158e9
SHA512: 0462b923792ac9c01a26b3600443aca67176c6dc9552392abf20e248f4a2a6c60d96a22e8b9fc574fb4a44413167a84eaeb9714fa8051918870789ac02985428
SSDEEP: 24576:TqpE73SeyLBDkNqs7dfBxhDh1fOMwXq3oXivoySzEnXpd8TtB5vNPH:TqpQSNLBgNqsnh1XwXIoXjySgL8v5vN/
Static task: static1
Behavioral task: behavioral1
Sample: Ziproar.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
Target: Ziproar.exe
Size: 1.2MB
MD5: 2ec2320d4eed30db02d36b9dacfb44e9
SHA1: 018d7d4a124aa6e8a17586d4610608bc4e84533c
SHA256: 5bcd2e971509198523001843ba1f8d7e5cd1aebcf2e347acc58a21fbb8307aee
SHA512: 8a834cee216dfba2635cd0b9e0c5a9cadcfd100e7427651416c8fb65bdeb01c23a63fe3abb4306bebeee7f54327de9aa4da85418761b710d6d549919dd23c10d
SSDEEP: 24576:cLlgAi31nyHQLAgcDyOTG64fvVxSWsdezc0SEI:cy3nyHQLAgcRV4fHfhkEI
Score: 8/10

Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.