3a17d7cddfec31925a652e917984c278cb8a1ee68554248ded467696c427e041

Submit
Reports

Overview

overview

Static

static

zapret-win...64.cmd

windows7-x64

zapret-win...64.cmd

windows10-2004-x64

zapret-win...et.exe

windows7-x64

zapret-win...et.exe

windows10-2004-x64

zapret-win...ig.exe

windows7-x64

zapret-win...ig.exe

windows10-2004-x64

zapret-win...ck.cmd

windows7-x64

zapret-win...ck.cmd

windows10-2004-x64

zapret-win...eck.sh

ubuntu-18.04-amd64

zapret-win...eck.sh

debian-9-armhf

zapret-win...eck.sh

debian-9-mips

zapret-win...eck.sh

debian-9-mipsel

zapret-win...log.sh

ubuntu-18.04-amd64

zapret-win...log.sh

debian-9-armhf

zapret-win...log.sh

debian-9-mips

zapret-win...log.sh

debian-9-mipsel

zapret-win...ase.sh

windows7-x64

zapret-win...ase.sh

windows10-2004-x64

zapret-win...log.sh

windows7-x64

zapret-win...log.sh

windows10-2004-x64

zapret-win...ate.sh

windows7-x64

zapret-win...ate.sh

windows10-2004-x64

zapret-win...ype.sh

windows7-x64

zapret-win...ype.sh

windows10-2004-x64

zapret-win...irt.sh

windows7-x64

zapret-win...irt.sh

windows10-2004-x64

zapret-win...et.exe

windows7-x64

zapret-win...et.exe

windows10-2004-x64

zapret-win...ig.exe

windows7-x64

zapret-win...ig.exe

windows10-2004-x64

zapret-win...rt.dll

windows7-x64

zapret-win...rt.dll

windows10-2004-x64

Analysis

max time kernel
0s
platform
debian-9_mipsel
resource
debian9-mipsel-20240729-en
resource tags

arch:mipselimage:debian9-mipsel-20240729-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
10-10-2024 10:47

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

3 signatures

Behavioral task

behavioral1

Sample

zapret-win-bundle-master/arm64/install_arm64.cmd

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

zapret-win-bundle-master/arm64/install_arm64.cmd

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

zapret-win-bundle-master/arm64/ip2net.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

zapret-win-bundle-master/arm64/ip2net.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

zapret-win-bundle-master/arm64/mdig.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

zapret-win-bundle-master/arm64/mdig.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

zapret-win-bundle-master/blockcheck/blockcheck.cmd

Resource

win7-20240708-en

discovery

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral8

Sample

zapret-win-bundle-master/blockcheck/blockcheck.cmd

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral9

Sample

zapret-win-bundle-master/blockcheck/zapret/blockcheck.sh

Resource

ubuntu1804-amd64-20240611-en

discovery

ubuntu-18.04-amd64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

zapret-win-bundle-master/blockcheck/zapret/blockcheck.sh

Resource

debian9-armhf-20240418-en

discovery

debian-9-armhf

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

zapret-win-bundle-master/blockcheck/zapret/blockcheck.sh

Resource

debian9-mipsbe-20240611-en

discovery

debian-9-mips

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

zapret-win-bundle-master/blockcheck/zapret/blockcheck.sh

Resource

debian9-mipsel-20240729-en

discovery

debian-9-mipsel

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

zapret-win-bundle-master/blockcheck/zapret/blog.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

zapret-win-bundle-master/blockcheck/zapret/blog.sh

Resource

debian9-armhf-20240611-en

debian-9-armhf

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

zapret-win-bundle-master/blockcheck/zapret/blog.sh

Resource

debian9-mipsbe-20240611-en

debian-9-mips

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

zapret-win-bundle-master/blockcheck/zapret/blog.sh

Resource

debian9-mipsel-20240729-en

debian-9-mipsel

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

zapret-win-bundle-master/blockcheck/zapret/common/base.sh

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral18

Sample

zapret-win-bundle-master/blockcheck/zapret/common/base.sh

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

zapret-win-bundle-master/blockcheck/zapret/common/dialog.sh

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral20

Sample

zapret-win-bundle-master/blockcheck/zapret/common/dialog.sh

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

zapret-win-bundle-master/blockcheck/zapret/common/elevate.sh

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral22

Sample

zapret-win-bundle-master/blockcheck/zapret/common/elevate.sh

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

zapret-win-bundle-master/blockcheck/zapret/common/fwtype.sh

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral24

Sample

zapret-win-bundle-master/blockcheck/zapret/common/fwtype.sh

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral25

Sample

zapret-win-bundle-master/blockcheck/zapret/common/virt.sh

Resource

win7-20240708-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral26

Sample

zapret-win-bundle-master/blockcheck/zapret/common/virt.sh

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

zapret-win-bundle-master/blockcheck/zapret/ip2net/ip2net.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

zapret-win-bundle-master/blockcheck/zapret/ip2net/ip2net.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

zapret-win-bundle-master/blockcheck/zapret/mdig/mdig.exe

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

zapret-win-bundle-master/blockcheck/zapret/mdig/mdig.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

zapret-win-bundle-master/blockcheck/zapret/nfq/WinDivert.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

zapret-win-bundle-master/blockcheck/zapret/nfq/WinDivert.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

zapret-win-bundle-master/blockcheck/zapret/blog.sh
Size

215B
MD5

a5f7b48e604b1cd5b929879fdca4d856
SHA1

bbbd30b20bd80c3d8950bfc0b3e2e685f86f7909
SHA256

a848f249447e65346ed4bb44fdac5de4c515522896c251cbcb937e2a701eab08
SHA512

cfd8e18c731ee88cce02f8024c599b270fe429116a03137e41802fd9a6118b32ae78024879340511408ce6674e14b7bc310a16fa39b3b8ab191ce8e2a35a97f0

Score

3^/10

Malware Config

Signatures

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/zapret-win-bundle-master/blockcheck/blockcheck.log	tee

Processes

/tmp/zapret-win-bundle-master/blockcheck/zapret/blog.sh
/tmp/zapret-win-bundle-master/blockcheck/zapret/blog.sh
1⤵
PID:733
- /usr/bin/dirname
  dirname /tmp/zapret-win-bundle-master/blockcheck/zapret/blog.sh
  2⤵
  PID:734
- /tmp/zapret-win-bundle-master/blockcheck/zapret/blockcheck.sh
  /tmp/zapret-win-bundle-master/blockcheck/zapret/blockcheck.sh
  2⤵
  PID:736
- /usr/bin/tee
  tee /tmp/zapret-win-bundle-master/blockcheck/zapret/../blockcheck.log
  2⤵
  - Writes file to tmp directory
  PID:737

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads