zebrocy | bbf0e161b87265e5f10ca226f1188eb6ce157acb7c2aac6ad56367058e86f5fb | Triage

Submit
Reports

Overview

overview

Static

static

2024-10-15...ch.exe

windows7-x64

2024-10-15...ch.exe

windows10-2004-x64

Sharing

General

Target

2024-10-15_6d80b3e76099d049c5008a23d38936ab_snatch
Size

2.6MB
Sample

241015-lwpsmssakm
MD5

6d80b3e76099d049c5008a23d38936ab
SHA1

3b47d5fc476349dfd33594d1647610925d863151
SHA256

bbf0e161b87265e5f10ca226f1188eb6ce157acb7c2aac6ad56367058e86f5fb
SHA512

3305b4818b4a1ec6e8b8d1c479f4da68d35af98aae043b43eb59f45d4a1bc301b337cd542feb6d12c9ecd7365cde70885233469092bf5afc87dc3f9195cbed95
SSDEEP

24576:t4ybxkJlcXgszkiwIm9seW6sCtTlXc/ut5Mdrp7hSgsuLu5RPVeVbV2qK7zAq/Gm:r6cQsoBISsB/LujVDAB/X+

Score

10^/10

zebrocy backdoor discovery trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

2024-10-15_6d80b3e76099d049c5008a23d38936ab_snatch.exe

Resource

win7-20240903-en

zebrocy backdoor discovery trojan upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-10-15_6d80b3e76099d049c5008a23d38936ab_snatch.exe

Resource

win10v2004-20241007-en

zebrocy backdoor discovery trojan upx

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-10-15_6d80b3e76099d049c5008a23d38936ab_snatch
- Size
  
  2.6MB
- MD5
  
  6d80b3e76099d049c5008a23d38936ab
- SHA1
  
  3b47d5fc476349dfd33594d1647610925d863151
- SHA256
  
  bbf0e161b87265e5f10ca226f1188eb6ce157acb7c2aac6ad56367058e86f5fb
- SHA512
  
  3305b4818b4a1ec6e8b8d1c479f4da68d35af98aae043b43eb59f45d4a1bc301b337cd542feb6d12c9ecd7365cde70885233469092bf5afc87dc3f9195cbed95
- SSDEEP
  
  24576:t4ybxkJlcXgszkiwIm9seW6sCtTlXc/ut5Mdrp7hSgsuLu5RPVeVbV2qK7zAq/Gm:r6cQsoBISsB/LujVDAB/X+
Score

10^/10

zebrocy backdoor discovery trojan upx
- Zebrocy
  Zebrocy is a backdoor created by Sofacy threat group and has multiple variants developed in different languages.
  trojan backdoor zebrocy
- Zebrocy Go Variant
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

zebrocybackdoordiscoverytrojanupx

behavioral2

zebrocybackdoordiscoverytrojanupx

© 2018-2025

Terms | Privacy