zebrocy | e43ae92ee7ac5cc76535867872ba06b1b96135babafedddccd3d58f38c2b882b | Triage

Submit
Reports

Overview

overview

Static

static

e1509c589f...18.dll

windows7-x64

e1509c589f...18.dll

windows10-2004-x64

Sharing

General

Target

e1509c589fde2272c0d20072dfe09722_JaffaCakes118
Size

5.1MB
Sample

240915-af98vsvelg
MD5

e1509c589fde2272c0d20072dfe09722
SHA1

81a3044e92d14f6abf9bc813e1e030f6baaed4f2
SHA256

e43ae92ee7ac5cc76535867872ba06b1b96135babafedddccd3d58f38c2b882b
SHA512

a83b77e326225401e0d5ff450d0563909741a42274daffcfa2ccdc736b1e244825a0024756506877e0591599c2ae57094c0edbc3bcf3bb1fdabe1a8ea4baca55
SSDEEP

98304:7xlrOi7+ogZnV34M3B2uXSfjbIWPQCr1tXYJZmaqD/v1:7xB7+PqAIFfjbIWPQCr1tXYJYaqr1

Score

10^/10

zebrocy backdoor discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

e1509c589fde2272c0d20072dfe09722_JaffaCakes118.dll

Resource

win7-20240708-en

zebrocy backdoor discovery trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

e1509c589fde2272c0d20072dfe09722_JaffaCakes118.dll

Resource

win10v2004-20240802-en

zebrocy backdoor discovery trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

zebrocy

C2

http://37.120.140.215/develop/resources.php

Targets

- Target
  
  e1509c589fde2272c0d20072dfe09722_JaffaCakes118
- Size
  
  5.1MB
- MD5
  
  e1509c589fde2272c0d20072dfe09722
- SHA1
  
  81a3044e92d14f6abf9bc813e1e030f6baaed4f2
- SHA256
  
  e43ae92ee7ac5cc76535867872ba06b1b96135babafedddccd3d58f38c2b882b
- SHA512
  
  a83b77e326225401e0d5ff450d0563909741a42274daffcfa2ccdc736b1e244825a0024756506877e0591599c2ae57094c0edbc3bcf3bb1fdabe1a8ea4baca55
- SSDEEP
  
  98304:7xlrOi7+ogZnV34M3B2uXSfjbIWPQCr1tXYJZmaqD/v1:7xB7+PqAIFfjbIWPQCr1tXYJYaqr1
Score

10^/10

zebrocy backdoor discovery trojan
- Zebrocy
  Zebrocy is a backdoor created by Sofacy threat group and has multiple variants developed in different languages.
  trojan backdoor zebrocy
- Zebrocy Go Variant
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

zebrocybackdoordiscoverytrojan

behavioral2

zebrocybackdoordiscoverytrojan

© 2018-2024

Terms | Privacy