Overview

overview

9

Static

static

UPDATE ZEPO.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    UPDATE ZEPO.exe

  • Size

    4.7MB

  • Sample

    230109-d3c4esgd6v

  • MD5

    fc81c6c69c272ecc7f74f1641cf1a0b1

  • SHA1

    b7444ab36d2f28945b5ff18619dde567482fe953

  • SHA256

    7ff3f6a8999bc857c84af476c50ef92fd8c6ed3cf4e511441bd038d52f2cd323

  • SHA512

    1a4c80507cc34b345d909a03b5cfc61f9067c0340e267628ef5bba59e91c5e3050bbe030dffcdbfe6306c47a813815ef9aa2d80ff78d0cc64f4e6580f92eded6

  • SSDEEP

    98304:/5q1dKGAujvn8ynYKw4f7U9FUJq99/BON3DKbMqEreYay:/EKGAujv1YKrq63DKbSKVy

Score
9/10
upx

Malware Config

Targets

    • Target

      UPDATE ZEPO.exe

    • Size

      4.7MB

    • MD5

      fc81c6c69c272ecc7f74f1641cf1a0b1

    • SHA1

      b7444ab36d2f28945b5ff18619dde567482fe953

    • SHA256

      7ff3f6a8999bc857c84af476c50ef92fd8c6ed3cf4e511441bd038d52f2cd323

    • SHA512

      1a4c80507cc34b345d909a03b5cfc61f9067c0340e267628ef5bba59e91c5e3050bbe030dffcdbfe6306c47a813815ef9aa2d80ff78d0cc64f4e6580f92eded6

    • SSDEEP

      98304:/5q1dKGAujvn8ynYKw4f7U9FUJq99/BON3DKbMqEreYay:/EKGAujv1YKrq63DKbSKVy

    Score
    9/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks