zingo | 29aaf169fc8fe3719d8eceb3d587f2579c3605e9d27c8be7ccdc1801c2c706cf | Triage

Submit
Reports

Overview

overview

Static

static

29aaf169fc...cf.exe

windows7-x64

29aaf169fc...cf.exe

windows10-2004-x64

Sharing

General

Target

29aaf169fc8fe3719d8eceb3d587f2579c3605e9d27c8be7ccdc1801c2c706cf.exe
Size

54KB
Sample

240113-y3m9lsefa4
MD5

c6806f311680863fdfb09a32a26b7433
SHA1

d0821dd151f4ea3d28b40429c5f43f9dcdf45c48
SHA256

29aaf169fc8fe3719d8eceb3d587f2579c3605e9d27c8be7ccdc1801c2c706cf
SHA512

71eaa094129e82e1d7680b7d7ce6da1a1932df949c23e03ebe2d3edb719454b577d9a94a7fc9871ba1bc889a63f9f5ef8bdaed1d27d9a57c26d055fd30d5538e
SSDEEP

768:MzoZgTk0MRUQDbDySGol+1R/8LGRaUh1GM78EAcOwPsiX/z+vB:ioZgTPsbDySGol+ELC1NA7m/8

Score

10^/10

zingo spyware stealer trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

29aaf169fc8fe3719d8eceb3d587f2579c3605e9d27c8be7ccdc1801c2c706cf.exe

Resource

win7-20231129-en

zingo spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

29aaf169fc8fe3719d8eceb3d587f2579c3605e9d27c8be7ccdc1801c2c706cf.exe

Resource

win10v2004-20231222-en

zingo spyware stealer trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  29aaf169fc8fe3719d8eceb3d587f2579c3605e9d27c8be7ccdc1801c2c706cf.exe
- Size
  
  54KB
- MD5
  
  c6806f311680863fdfb09a32a26b7433
- SHA1
  
  d0821dd151f4ea3d28b40429c5f43f9dcdf45c48
- SHA256
  
  29aaf169fc8fe3719d8eceb3d587f2579c3605e9d27c8be7ccdc1801c2c706cf
- SHA512
  
  71eaa094129e82e1d7680b7d7ce6da1a1932df949c23e03ebe2d3edb719454b577d9a94a7fc9871ba1bc889a63f9f5ef8bdaed1d27d9a57c26d055fd30d5538e
- SSDEEP
  
  768:MzoZgTk0MRUQDbDySGol+1R/8LGRaUh1GM78EAcOwPsiX/z+vB:ioZgTPsbDySGol+ELC1NA7m/8
Score

10^/10

zingo spyware stealer trojan
- Zingo stealer
  Zingo is an info stealer first seen in March 2022.
  stealer trojan zingo
- Zingo stealer payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

zingospywarestealertrojan

behavioral2

zingospywarestealertrojan

© 2018-2024

Terms | Privacy