Overview

overview

10

Static

static

10

Bin/ControlzEx.dll

windows7-x64

1

Bin/ControlzEx.dll

windows10-2004-x64

1

Bin/ICShar...ib.dll

windows7-x64

1

Bin/ICShar...ib.dll

windows10-2004-x64

1

Bin/MahApp...al.dll

windows7-x64

1

Bin/MahApp...al.dll

windows10-2004-x64

1

Bin/MahApps.Metro.dll

windows7-x64

1

Bin/MahApps.Metro.dll

windows10-2004-x64

1

Bin/MemoryRobot.dll

windows7-x64

3

Bin/MemoryRobot.dll

windows10-2004-x64

3

Bin/Neo.Lua.dll

windows7-x64

1

Bin/Neo.Lua.dll

windows10-2004-x64

1

Bin/Newton...on.dll

windows7-x64

1

Bin/Newton...on.dll

windows10-2004-x64

1

Bin/RDManaged.dll

windows7-x64

3

Bin/RDManaged.dll

windows10-2004-x64

3

Bin/Scinti...PF.dll

windows7-x64

1

Bin/Scinti...PF.dll

windows10-2004-x64

1

Bin/ScintillaNET.dll

windows7-x64

1

Bin/ScintillaNET.dll

windows10-2004-x64

1

Bin/SlimDX.dll

windows7-x64

3

Bin/SlimDX.dll

windows10-2004-x64

3

Bin/System...ty.dll

windows7-x64

1

Bin/System...ty.dll

windows10-2004-x64

1

Bin/UpdateManager.dll

windows7-x64

1

Bin/UpdateManager.dll

windows10-2004-x64

1

Bin/authManager.dll

windows7-x64

1

Bin/authManager.dll

windows10-2004-x64

1

Bin/rStyle.dll

windows7-x64

1

Bin/rStyle.dll

windows10-2004-x64

1

Bin/robotManager.dll

windows7-x64

1

Bin/robotManager.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    WRobot-z.zip

  • Size

    7.3MB

  • Sample

    240829-m22vtszdkn

  • MD5

    35e859fa60060ab806683397594a3565

  • SHA1

    4585126346c4196c9e8aa7ac7e9d0276be26de89

  • SHA256

    1f99591ac3bfba4ce8a3113d7ef5558bbb8edea8d4989dfdb4e126f4e2993a28

  • SHA512

    577a8d002364f39f2e395d8a3d39131d3ae2c897c67e4826fd4b4ef2a65c8f786c101484fa8608fbb16db65761ef9f6d16de6971b9c49f8e888f29d87d08566f

  • SSDEEP

    196608:mJueG/nPQXBX440cGdMBxQp7c6l8c+btoRk:mYTnPQV43Mwp7c48cKt/

Score
10/10
zgratdiscovery

Malware Config

Targets

    • Target

      Bin/ControlzEx.dll

    • Size

      184KB

    • MD5

      ddeeddc0e90262016c252ce5c4c1320d

    • SHA1

      eedd12341deb79c993c3640fd7911b16cea9b8b4

    • SHA256

      97bbacf1369c02cee073c6c020ca95757a2a17eb1e09a077833268065ac7e9b8

    • SHA512

      0cb08474caa8ed99efd6b66c4f4438933cd6dccc50984128fc135263f28ccb6b9ff1fc87d2743fc83f2bed5d242f4db1f5885269fb975d0c76e5ee657023319d

    • SSDEEP

      3072:5E0EAPzbErGWsOMpgV0Dc6RdUdF0HQszXAfZMdFtp04b9Y8B3m1k7pq7FLFa2u+:5E0EAPMrGWsWDWidF0HQszCZ2Ftppb9m

    Score
    1/10
    behavioral1behavioral2

    • Target

      Bin/ICSharpCode.SharpZipLib.dll

    • Size

      200KB

    • MD5

      46935bd60db8e8ae07aa258e4e7c1537

    • SHA1

      f49710d8c6169747cd5b2edbcc7be02f1e9c3965

    • SHA256

      ed41f709f8bea7f37baf8d15c61ee998f1ff2841d94a5a6e26bed8a271335102

    • SHA512

      59e800886b51cdb414a2c135100d9fe6134e2a097e43e3c13c762464f5271ba12626a27048c5b447daed841cf09ce51ba2cda659415438c33985454ed12d527e

    • SSDEEP

      3072:XjMibqfQqFyGCDXiW9Pp/+Tl4abpuu201PB1BBXIDwtqSPVINrAfvp1Q:4ibqI59PpOPf201/z7p6

    Score
    1/10
    behavioral3behavioral4

    • Target

      Bin/MahApps.Metro.IconPacks.Material.dll

    • Size

      1.7MB

    • MD5

      eed95ffaa194582fa16fbed0e76349cc

    • SHA1

      dbddae06637102df646eebf406e5303147443be2

    • SHA256

      2e838ff12630546c33b17cda279e0d29390a1f36739e2d451e17d9ea02b6feb4

    • SHA512

      75c82534e085c3ebf249a8af0ae528affa5d73df7f5b0aa44040d10e40a048e113a9e572f71653d52d139af9de209c3e230a5b14b999d86f77cbef74a76c540e

    • SSDEEP

      6144:6g1J0khi0cXYTeg6OvouIz3kjwiioD0I8q+M+pPrYIeaWqAs0PGH/nrnnreYQxmI:d3phi0mlA1k

    Score
    1/10
    behavioral5behavioral6

    • Target

      Bin/MahApps.Metro.dll

    • Size

      1.1MB

    • MD5

      f0cd5cbe4062fc132fce14ea8d0c179f

    • SHA1

      b1f75814d84a7d6f5a1bad666dc97129ad7f3c00

    • SHA256

      d86fa525c1ae73baac671e7b7ba8067277f2fffc6fe19219f9d6c05553a13039

    • SHA512

      dd29ba4f28b61e86776b7b53ac74c3126b2a71f4534136ad5ec1a556b3447fc8f1794ab709af320788b51ccb6d31c4a0e87c6aa91fd029dcfbee2c00d6e76532

    • SSDEEP

      24576:yEAVf5dAgAgAgyjev4ICwQGZDHSxV/wvHG:yd6ev4GQGZexV/UG

    Score
    1/10
    behavioral7behavioral8

    • Target

      Bin/MemoryRobot.dll

    • Size

      226KB

    • MD5

      c093b586097d3f5a70e7e60cc6424f2c

    • SHA1

      0d6e1fd7faaaa1d4b4ef4eb6cd1d535928c97f59

    • SHA256

      a09d2463606300fd162433656649f3af3e72c583560f98460d65f5808e8f6b8c

    • SHA512

      b770aeb73eefc43d002de6500fb433b7c0776908a1db499f630dc5aa9d9f30ae2e4df4a681a6f5a67e6970a2cee70d8f1ef6f7c320005149139f91f353b2b4c9

    • SSDEEP

      3072:2VASsUaD3W7X0njfWq57EDbzy+P29AAoOBdm8O6JIaTs6Kom6LOfElj1:E8U43iDa6uhdm8O6aaTHKULOfE/

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      Bin/Neo.Lua.dll

    • Size

      325KB

    • MD5

      a6623502431137a88e2cc39cf082b1a4

    • SHA1

      64aa4ba1eda6f3b26024ec029e1d6b4344f6a824

    • SHA256

      5047c826413ec23a2763be2cf3eb1c97a10ca4f7ac1d9a8d42f0f74e7adce3ee

    • SHA512

      44430fa4ce92489edf41bb0758ccb16bab8c9d2a910ca17fdb96291bd3467f076591d24e50b87d87fed4440018bb99f1d43dc4dc237f9f853bc039b60188ff9f

    • SSDEEP

      6144:D4IcF2DCgCVAdAyHLuX3nf543+paayd0DNT:EIeY1CV63AO3+pvT

    Score
    1/10
    behavioral11behavioral12

    • Target

      Bin/Newtonsoft.Json.dll

    • Size

      660KB

    • MD5

      02a4ece2f79f50e345c2118c689604cb

    • SHA1

      06dd6d5f342428cebb95fe5def0e30435196c005

    • SHA256

      c44443b2b78b2a198f32ac505c10feb52f45d43d75a468262ee9f71b3eeea51a

    • SHA512

      b679a7872e9c902dc496b9d71c1bf7742b58bf73f444876f4f880bccfd72325f47f913adc4fcd902b85df7c1ea03aea646d2385ebac9b6820e7efeaf433c02d8

    • SSDEEP

      12288:Fktg1lrjC8rjICqbwNjR4xq7iiX19K7Df/SoOKQrIB+jf:FggD7PIEjR4xq7iiXTK7D3So9AIB+j

    Score
    1/10
    behavioral13behavioral14

    • Target

      Bin/RDManaged.dll

    • Size

      415KB

    • MD5

      c76fe470e1b7a8dc38710319a5a52ce6

    • SHA1

      1a1fe9b02c7643cf3bb115be5598d110e8197730

    • SHA256

      86d6000c97a9a439704006d311f7a4ded0e91fe4341c55fce0e3acc1562c1a5b

    • SHA512

      282cc7e27b3a75ca626ec077af0dfd00dd33699d34998a26b6abf1daf1b9bb7ef103a34e66fdecfcc08cdf2c229e9f59921baadb5fa15dc95127a343f2a561ea

    • SSDEEP

      6144:XwpQwPYl2S0kCRudXTFWhzEexKawp+Dh75+o8fpp6UiunBc4OGWHOOBQ+yE8:gpQwPQ22CRudjFmh7co8fSU9j0X8

    Score
    3/10
    discovery
    behavioral15behavioral16

    • Target

      Bin/ScintillaNET.WPF.dll

    • Size

      93KB

    • MD5

      d065185c89cb9165e3e3145ac856a721

    • SHA1

      f330da3b34fc8fbffd7202cc9faec015c14ee036

    • SHA256

      65500f11781e6190226e41e7430bc5840a706f4fbda98a1e1b6d198d0f791d7f

    • SHA512

      3ade0cdb65752a1f9d8d4c9ae7acf4270a87fccb3b93d6e5afc4430d0cd37ef08a8d53bd574f7c2afb37f6f4c6647f559d5831b36cdeb0a76cf13d97a5088202

    • SSDEEP

      1536:ieMavAPI4Y1TaCUOmuUy2fqy+cRxezVpm2VzYzbqHSip5c:VB1T/Uky+cRxezVJVcqyE5

    Score
    1/10
    behavioral17behavioral18

    • Target

      Bin/ScintillaNET.dll

    • Size

      1.3MB

    • MD5

      fcf63ccd22a3d03a4e18f0de9e026316

    • SHA1

      b3f121d757925ee5e02700014ca8616b5568e145

    • SHA256

      7fcbdcbd8df433d93028d23b31fe6571bbbaf0132d32ccf44c67821bc6de482c

    • SHA512

      346129f3b185638feb80c9c748f3d7062ff24215f57880e6f9373a195998c5d19646504247f1ff18e29c0db61a478ae64b7ee1651400942adce6ca6f0bdd99fb

    • SSDEEP

      24576:gJSShz305vgNF7/cOCPHPSVs4Eq+QTNX+cfQdS+2MMPishd/Ws5t:1i0aNvoHqs4L95X+cfx/HGCt

    Score
    1/10
    behavioral19behavioral20

    • Target

      Bin/SlimDX.dll

    • Size

      3.2MB

    • MD5

      5ceb31a41198aeb359f32b17f796e405

    • SHA1

      8588293d01e8eabdc1031f9cc6eca3d267afeac2

    • SHA256

      5d3f892aafe7debbff365a6a00bccf760469068f2a76b775ec72d11fa4c1c1f4

    • SHA512

      08697abc450b24965e9b99a220f1d5eac401461051fb9c68e7f5e1e48c49a5f045c40496c6e57a7198c65917e0f00ee2068e3a1c3723267f49b2597c02a68586

    • SSDEEP

      49152:dabj5zUoBrR/tgD2wAKowwlBP1BMqUH8QRJsAW/eYfRx/LukJK3QJW67eIlTpVcq:dggZn

    Score
    3/10
    discovery
    behavioral21behavioral22

    • Target

      Bin/System.Windows.Interactivity.dll

    • Size

      47KB

    • MD5

      66910ef24ef9f71051a06101296af730

    • SHA1

      3c13a7f6e9988c6b9679643732d80bfd9e35069f

    • SHA256

      1cd34a07e8e2cf42591afa17eea78a5e0fe412a2cbb8f5070eaece02efb7e6cb

    • SHA512

      9d3876ff1d715cd519f0a24bd66f2a8d812884b4bf582d50654fe9c4edf45fb11255438c3752513bc21d689b00e1890de4aa30f6657c1c195b8cc79829fb6579

    • SSDEEP

      768:aMTtry8cWj9pbmZaEATaOuL5xnM7JxKjkMlZCZt+nuE7XF4kyS:aYQaIZaEmaOQxn6JxKjtlMZAnuETCu

    Score
    1/10
    behavioral23behavioral24

    • Target

      Bin/UpdateManager.dll

    • Size

      29KB

    • MD5

      f14b9aefbcb6cc48428681e27412ec7d

    • SHA1

      beff144dc90ad62387d23ac03341bbfc3f6f4e0f

    • SHA256

      ba2136199a9d482877329d8fe60a0c06a12ea96657bbd525e86c400385cec868

    • SHA512

      a7fda06b4676ef3e75ae62e23481681a12951d350dbc581789cd639374aa2fbd46f32e4bf024f7e61e3c563a52b36f32c6cad7350a420a510fa5961137ed65ac

    • SSDEEP

      768:08vhn7aEa7FTV5sBHocFj5fYtdk2dp83nyK:hhn7aECyI0JYI2dp83N

    Score
    1/10
    behavioral25behavioral26

    • Target

      Bin/authManager.dll

    • Size

      309KB

    • MD5

      bb969c90b02ead5c586dc5b4164d08d4

    • SHA1

      812b2b73b2186ae01dedf3b27e9971e6e95c3871

    • SHA256

      02aa03cad738c0dcae1e4dce145fbffb80417b9ad7c1d1e38109cbaebefc8cec

    • SHA512

      d4417db64030196500b27fee07147f21082cac802c0c1c590a7aa8e47cd0d01c9df5efdee3bf0a27dbc0d3e669ca6939a15dcf2bdf53d44526a675513d018c90

    • SSDEEP

      6144:RyqiMnSwJ5URdSzOPtp4RvgEV6Z99jSjsKovcrRJEw5:RAMSwJ5hzOFp4RvgzFSjslcVWI

    Score
    1/10
    behavioral27behavioral28

    • Target

      Bin/rStyle.dll

    • Size

      132KB

    • MD5

      0261d5acc1354b2bebb9759551a150a4

    • SHA1

      cccc6e11441818373484982d16d57890c9a4604b

    • SHA256

      862c2552ca619a86767b7e6e718670f77185727aedb436eed073885c233edf65

    • SHA512

      b4b07ce260257bda229fc98392c28c837eb4cc17b79a81fee4545d6bc39977d422733668fa84769c2d1c103440dbe3ceb47bda61138b63d22dfcda3408b72207

    • SSDEEP

      3072:G5Uah0k5pA0mGUg+bzsKbwDZlMDdL3dufFHH1:Ih0kzWGUzowe8DtNaF1

    Score
    1/10
    behavioral29behavioral30

    • Target

      Bin/robotManager.dll

    • Size

      400KB

    • MD5

      8ab369e7cbc82d6efcdcc9b067b44999

    • SHA1

      e0d07ced8dbb6c26687912723a4b8e3160bc0d8c

    • SHA256

      7aea89539cb70163a686e0c907f3989ec61ac248897121fc439e100b8fdc8e94

    • SHA512

      6952466fdc781a90cfcf8389a2b799f9e930ee4bd2324478507d372e9799622274a67ac8b6805d1134b665010dff2ab9b1483d1d3605702b2b088398aadf377c

    • SSDEEP

      6144:JylY+F3qCS9EhL4m+IelYO7DAKnmSDrDICbkX0BGNC5f5nidwClNEIO:J10aCS9Eqm6KemcGc5fCwYKd

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

zgrat
Score
10/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10