3a5f51e46b9314228955b6e42ba9cf5c37566a69a2f49acb9ad0ee8c3132ba24 | Triage

Submit
Reports

Overview

overview

6

Static

static

1

Zamzar-1.1...up.exe

windows7-x64

6

Zamzar-1.1...up.exe

windows10-2004-x64

6

Sharing

General

Target

Zamzar-1.1.0.Setup.exe
Size

120.7MB
Sample

240523-ppw5xshf5s
MD5

3980ea90d6a3cd78ae4043efc820876f
SHA1

e40c66343b6ed66982cc89a36c97badf3a95ded6
SHA256

3a5f51e46b9314228955b6e42ba9cf5c37566a69a2f49acb9ad0ee8c3132ba24
SHA512

7389a28392cfd8c0022e5b8955ceb3cbfa8170768fd132190e137771d0ea1d7e9bd7085208c44d4d68e34d0082e437d55658b7a9ce25eab8d8ac6b903a694f7e
SSDEEP

3145728:qtwOduAgm/T6gLxYbW/uR6SOOlo/KNVR18XD0otBEL6H8:N0r6gL0bY1qDN7otOLm8

Score

6^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

Zamzar-1.1.0.Setup.exe

Resource

win7-20240215-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Zamzar-1.1.0.Setup.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

19 signatures

150 seconds

Malware Config

Targets

- Target
  
  Zamzar-1.1.0.Setup.exe
- Size
  
  120.7MB
- MD5
  
  3980ea90d6a3cd78ae4043efc820876f
- SHA1
  
  e40c66343b6ed66982cc89a36c97badf3a95ded6
- SHA256
  
  3a5f51e46b9314228955b6e42ba9cf5c37566a69a2f49acb9ad0ee8c3132ba24
- SHA512
  
  7389a28392cfd8c0022e5b8955ceb3cbfa8170768fd132190e137771d0ea1d7e9bd7085208c44d4d68e34d0082e437d55658b7a9ce25eab8d8ac6b903a694f7e
- SSDEEP
  
  3145728:qtwOduAgm/T6gLxYbW/uR6SOOlo/KNVR18XD0otBEL6H8:N0r6gL0bY1qDN7otOLm8
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy