25dc78e4fa56b07dd2a1150add01629ce44df08004b26e6fbeb5a43758cffe18

Sharing

Copy URL

Twitter E-mail

General

Target

Zeppy Loader.zip
Size

74.8MB
Sample

240720-ysgdbawfne
MD5

832901bbe9c5b3b25f5de86ad328a2a6
SHA1

a7f79d9aa4c3e5b7686023e1cfd614dda75af1be
SHA256

25dc78e4fa56b07dd2a1150add01629ce44df08004b26e6fbeb5a43758cffe18
SHA512

0c8c38b58e4f50d89c62da2d77c333b2ad3ceaa35a8601177eca8f82fef0c8de7b9b68e022a01ff8f486b6be26d9201c3e4f635901ade9fb6fa55ba865694368
SSDEEP

1572864:yhrzpezMmIGm3FtbmkNBn/HqoqC6v49cNg7W+fann+Q7bUShyjnD7q:yhr1ezvb0Lfy86v4Ig7rvQRYK

Score

3^/10

Malware Config

Targets

- Target
  
  Zeppy Loader.zip
- Size
  
  74.8MB
- MD5
  
  832901bbe9c5b3b25f5de86ad328a2a6
- SHA1
  
  a7f79d9aa4c3e5b7686023e1cfd614dda75af1be
- SHA256
  
  25dc78e4fa56b07dd2a1150add01629ce44df08004b26e6fbeb5a43758cffe18
- SHA512
  
  0c8c38b58e4f50d89c62da2d77c333b2ad3ceaa35a8601177eca8f82fef0c8de7b9b68e022a01ff8f486b6be26d9201c3e4f635901ade9fb6fa55ba865694368
- SSDEEP
  
  1572864:yhrzpezMmIGm3FtbmkNBn/HqoqC6v49cNg7W+fann+Q7bUShyjnD7q:yhr1ezvb0Lfy86v4Ig7rvQRYK
Score

1^/10
behavioral1
- Target
  
  Zeppy Loader/DiscordRPC.dll
- Size
  
  82KB
- MD5
  
  c6115a08c8e50dac0194fb98d3edc9d2
- SHA1
  
  903da7fb7ad47b7ad8eb5984ed54a865f6148744
- SHA256
  
  4dd4d48e0681604e3a7a72b6eae42173421d0b806b1af8fa03b45d9999978499
- SHA512
  
  3e43f721cf7b1ab28a4ff771b4186c70523eb2bd236063111593453c08dc8a7cf3fffd6a15af72502e8b800a35fbc7a7bd4ebb5b8f5f41796ee62a7a4a96c324
- SSDEEP
  
  768:eZGfuhWbsoZkmJPTsERSrxWjOFB8ZZnwUMOpSJAT9wQtc3nIYH+nijpJRMnk56Ha:TWIbP3QxWjOQ5pYlPMkh+mTxtSNy
Score

1^/10
behavioral2
- Target
  
  Zeppy Loader/DotNetZip.dll
- Size
  
  247KB
- MD5
  
  319226c18dbc02d2ac4c0dd9dc116d53
- SHA1
  
  4ef827ec4c51cf2845e3a50fc23700177a4930f8
- SHA256
  
  eb9b84a3df6ae51759544ba04224a4f91454b8a81d54b37c846a4216bc72c15e
- SHA512
  
  dcb2b6e9e1f820472e96cd3e649cc696948d02545c141c483234aab98706c0d19051fcafafc14a928b6b2937125c61db3c49cdc45181e809d73df73f7db3cfbc
- SSDEEP
  
  6144:L5V1a8gCaIAaLPaiUoQhdTC015tRuAKObQ:rsmaIrPaikhvftA9OE
Score

1^/10
behavioral3
- Target
  
  Zeppy Loader/Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
- SSDEEP
  
  12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score

1^/10
behavioral4
- Target
  
  Zeppy Loader/Resources/SpooferV2.zip
- Size
  
  585KB
- MD5
  
  be9ceaefd3e670df5ad258aa230c0867
- SHA1
  
  e4dd993dc6afca28ef0056b7f185dc35451a0cfc
- SHA256
  
  e5956d2648f3c703f34f4b4773699f468900990a3de8475b09fa1fdd4e19a9d7
- SHA512
  
  245b50a74d127a6b41f33a28c4447b2965a6485a0a6d1a82e4f6e6979c21d86fb1837b5cbd982e4700447d876414a1e1e4383ffdf00356fe88b5ccc50b47f7bf
- SSDEEP
  
  12288:kjWPFXbXMCj76fMmDlqgU2NyREeiPqmAV/ariBz+RCjg2ULUr7Njol2jkYfx3R:zFrXB6fMmDlqgUFuFqfBzcztUVjoYl3
Score

1^/10
behavioral5
- Target
  
  Zeppy Loader/Resources/lethalcompany.zip
- Size
  
  24.7MB
- MD5
  
  1f14f3f42dc068622cb5409d2e221b5f
- SHA1
  
  35f74ef24440aa8eb8981c066bb431f3d8f3417c
- SHA256
  
  91e08430c55d9ac5d85432d9f72bacac4b029612dd41457b3e6be64c2617972a
- SHA512
  
  51e7a9612d496184ca80c74661a5027d1df44a7d9ab185a9c475ab478d15676a9d114ef4edd358cbe90775f284a5938ecb43d4c1ce5ebe8bafc25acbb37c5d35
- SSDEEP
  
  393216:/WqMR+2WI4xkXi3yJc01WBE9zHnM7y8ncB8SgTaLaroNEJ9HC+EVldTNue1ur+:/rVBx4WycW9zMmJOGmr6E3lKwy
Score

1^/10
behavioral6
- Target
  
  Zeppy Loader/Resources/pixelworld.zip
- Size
  
  48.6MB
- MD5
  
  38a6272d4875f93e94ea92d59290be47
- SHA1
  
  fde8b7e57a7cffb0a45643c16736483264fc0837
- SHA256
  
  2d70fb89fa74da426ea1aaef262f23f31aa1be1d778d66e8e2ea953331d8e167
- SHA512
  
  83c6815eee1b6b4ae85f1bc7276905554a7d5061918534c330e9a906fd5a60f2c5088e730f85daa11318cf0bce9f16b0cdd8c47e86c9552480ae4f3b88125615
- SSDEEP
  
  1572864:LtbmkNBn/HqoqC6v49cNg7W+fann+Q7bUShyjnD5:Ffy86v4Ig7rvQRY1
Score

1^/10
behavioral7
- Target
  
  Zeppy Loader/SharpCompress.dll
- Size
  
  581KB
- MD5
  
  10240a7227f820354e3718714b654242
- SHA1
  
  9cbe3eec72882df16d9766ea151599d4d4b42409
- SHA256
  
  dcd337293d500d6a8d3ef8a058136a4beca6a0270faa6daafeed3d49ed790c9c
- SHA512
  
  4fb8bf84aaa32b27428e318e4052740dfbb6aced3d1c963af8c40cb69f6d20b01d2886299dbfedcd72114331ad7a00f99756b130b00b82c5fc8616210027b9f5
- SSDEEP
  
  6144:yX5ux0pllJzraxkiVuDRb3PJYQK2SeWQrTx7XMWjHYA2+Wn8m5sw8CuZsQkM:UVpiV2HYQxWEZ8gYX+Q8YsZp6
Score

1^/10
behavioral8
- Target
  
  Zeppy Loader/Zeppelins Loader.deps.json
- Size
  
  7KB
- MD5
  
  589fe2a1e6f9489608e51e48de8dd96b
- SHA1
  
  63217924d89f6d4fa3c3b572718873272b0b8d7b
- SHA256
  
  1fdfe06443d2b486454b96348dc32ff7b1bb0a7ee353db511e331cd21dcdcf22
- SHA512
  
  e26cecf08a290068aec8dcea0f4042fb6575d5d78fac0ace6e04e8abdf124b05907d47171fbf13f7bbd3296906bd4b5c88979cc71cb721207840d8e9d101a4c6
- SSDEEP
  
  96:1B/CSJ8ch73fvZdBpLl+ugoWfKO94IZl9yXQ3g2VdJozKfd7LZmA++thSwFQXVDe:1BKchd5l+u/W99n7Zmr+LSwQyADLp2
Score

3^/10
behavioral9
- Target
  
  Zeppy Loader/Zeppelins Loader.dll
- Size
  
  154KB
- MD5
  
  4e2a3f4baf89bf9ad19583ba3b36290e
- SHA1
  
  afb997d12e72f9a80a9114cde01dc9d1aa0f6252
- SHA256
  
  29d346b6a95392eeecb2009fb59a72ca36055cec3e8cb9bb7ea9da499d7727fd
- SHA512
  
  5dede98107d428b316b0f259fdad82d371c4a9f9ac57b3c6e79c0176ed30e22e1d4f177342d7b83842b4f235af5a0fa68be22455a45f316202d7c331a3fca737
- SSDEEP
  
  3072:AOhSdztm+0SGpHLHpaNLzPz1LzPz9khX5uf1HVtE:AOeztj0vdLJa5z9z6hX5uf11t
Score

1^/10
behavioral10
- Target
  
  Zeppy Loader/Zeppelins Loader.exe
- Size
  
  155KB
- MD5
  
  747bdd72cc79d2f5edbdec9b599d0624
- SHA1
  
  97a1dad685c7a53703103dabdf1428edb57c8ae3
- SHA256
  
  39b328e2d063a39cd1af5701217f4ab4c1c57ac3e57970f21c3a6389b97b08c7
- SHA512
  
  c93f7d9ef68d169d3ee514f044bff6f06a26dd8903e8d4c4a5312554bedf985cc1c57e8f3ece62b92a502091bd2d00c4478b94c55eb632a4ef40979095fad8a6
- SSDEEP
  
  3072:KcNyhtHjhzN2DSJrm7WWy1fb8jO/rZEt94h9oBxRASWgrst/:KcJeZm7mJCt940BxeS7rst
Score

3^/10
behavioral11
- Target
  
  Zeppy Loader/Zeppelins Loader.pdb
- Size
  
  21KB
- MD5
  
  1e70bf9785f355cd8aa642586b512205
- SHA1
  
  91357d439acd05f2c65b00729f8aa793860bcfdf
- SHA256
  
  2c48472c8bbb6ae2e9c3eeef2179505d4571238a498341b34c6fb644a3dcad09
- SHA512
  
  829eb9768bf655ded1ada34360ceca277aca70cf82b79e34f01b1200c4165cbfa2898b7e9b4f1613e61905837e21d848069e4df8985709d49f6dbb1f142aa1ba
- SSDEEP
  
  384:mWKbN/1ObtYm1nB+hOaZXkZ5a9tedxhzL7qO4q1Q2baPfPHzftmSPH9DZRUxxNhp:Eh1SthCchTr1Q2bIrUxZGSw37lNz+
Score

3^/10
behavioral12
- Target
  
  Zeppy Loader/Zeppelins Loader.runtimeconfig.json
- Size
  
  266B
- MD5
  
  d8ae75ee64991f91ddf5fa2c72adcc7c
- SHA1
  
  c8318862e3f8051daed02b9d764e7468cbe4bf86
- SHA256
  
  6a9ae797b520e700bcb418aa36e945f22d27c86b3aebb393cb7c4462d52e76da
- SHA512
  
  8907e87ce5c582ada4d391009b015ea9878c3f788a15f327dc7bf147e8a4ac80258e0541f1f35f3e00cb29dfbd55839908595a6941920d68bf7cb8bfdffb4998
Score

3^/10
behavioral13
- Target
  
  Zeppy Loader/ZstdSharp.dll
- Size
  
  419KB
- MD5
  
  77aa96e5ecd3441effb8fe98e42decc0
- SHA1
  
  4591cf8ae8e81b755aded5a3c16176b99d936148
- SHA256
  
  48fd25e836a4e2b4f21ee946367c5b7e37973eb0c9199195f95e0c877def6736
- SHA512
  
  01df9d4bea66cca53d9c19caf74a2e6a80b8990fc4ed4a1badef5aea3caca5f672d8ab8d37f71ad091ac85af31a028be12fda0617322b75bbdd4c78677e51a06
- SSDEEP
  
  6144:9y8QW+9JfLBlp73/klQYp9iqwNGGuC3wpaFf7E+ICC1B75V:9yr3fB73YQYPTCC
Score

1^/10
behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14