zgrat | 78720bce4f27771c9331991c901a19e033f7cb816928c3f151a2e37654c208af | Triage

Sharing

General

Target

78720bce4f27771c9331991c901a19e033f7cb816928c3f151a2e37654c208af
Size

1.9MB
Sample

240906-tnmx3swelf
MD5

2db85e154219ebf9b9a3371230b2a0f8
SHA1

200274b9565cdf111e648ff193c88431f2304216
SHA256

78720bce4f27771c9331991c901a19e033f7cb816928c3f151a2e37654c208af
SHA512

b02ad64cf90f3fe312dd9ad63f5faa1da4e7c385a096d65fa1af4e6ef9589776538ee310cf86daff3c60e0da81bf203cab26f32bfab82e36a4eb00e643aca8a9
SSDEEP

49152:sS90kzTYFkG4337liKzvpRRGKF/sc+gIxfv4XeT:sU0TFkGaZp3GfcWxfv4uT

Score

10^/10

zgrat discovery

Malware Config

Targets

- Target
  
  Calamari/Calamari.exe
- Size
  
  154KB
- MD5
  
  3bb68e459405f9d621fea08fca8db99e
- SHA1
  
  a667438af4a30700d229752df30f423f169c1186
- SHA256
  
  0f7071d56098ef0a448b562760ea2f547e4a2f8d26fc4e456b6e6ed47445cc20
- SHA512
  
  69788e7b8a0a5cae8fb85f31cd63c735343b11128da1be0c71414c41973ad9246487915b24eb40436ba104a3851f0848e902f7c9cb9a084255420eff4a49478b
- SSDEEP
  
  1536:A//X0u8/LwqNlRtXCPF9tdyB6nW6b22ehN8OIZG9Fwk0eL/qzCU27yHi+tdGtdtw:A30tT9tXCPLKB6nT6UPk0eT0w2i+ulw
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  Calamari/ScintillaNET.dll
- Size
  
  1.3MB
- MD5
  
  9166536c31f4e725e6befe85e2889a4b
- SHA1
  
  f0cd8253b7e64157d39a8dc5feb8cf7bda7e8dae
- SHA256
  
  ad0cc5a4d4a6aae06ee360339c851892b74b8a275ce89c1b48185672179f3163
- SHA512
  
  113a7b77d2d557d135470787deead744d42f8292d853e2b55074e9cb3591fd045ffd10e5c81b5c15dde55861b806363568611e591ae25dcb31cf011da7e72562
- SSDEEP
  
  24576:IJSShz305vgNF7/cOCPHPSVs4Eq+QTNX+cfQdS+2MMPishd/Ws5:ti0aNvoHqs4L95X+cfx/HGC
Score

1^/10
behavioral3 behavioral4
- Target
  
  Calamari/SynapseZAPI.dll
- Size
  
  6KB
- MD5
  
  877e3d22c496d3441bb9eb54965babc5
- SHA1
  
  73912c32638e8acb0097b59c25c62b29bc0f47cc
- SHA256
  
  4ee4111409c6d9e9e82b846798ffd1b404d7fce49a0429421c7d5be540edcceb
- SHA512
  
  633a2fab8b13a6ca8e884917c77f0a67e6452164373b9c2fcd0ad7c5e5d329aa2a297e7adee40e047afc71d94b50ecc733783aa9a41a7630d298752ae939a6db
- SSDEEP
  
  96:fW/SK+J1JpYmmmPbtbU1sn/32F0TLVV3wmoeVfjVH:x9myCCn/7LVV5NNj1
Score

1^/10
behavioral5 behavioral6
- Target
  
  Calamari/sxlib.dll
- Size
  
  864KB
- MD5
  
  d00e1627d7536022dd81aeb27577221c
- SHA1
  
  56a1f78e5acc89b97b02652f61a154265511ffcf
- SHA256
  
  904a9329bf56d110adec486f37411831a1148934a5ca4bbff9e33a1ca8ce5bcb
- SHA512
  
  d7cb95dd515f1edfde7e17681563bf5b709ac06f33805ce70dbcb76aca4ee34061c5201a54e1a92d67a1fb8f59512c8a64fcbb201fc88e5536001e40489dab69
- SSDEEP
  
  12288:EnfEbmXVMomkzPuY6TZNPERW1v+wUGx6tEhPaZLuabPIkLOh/1K9FaUQmUFv7SZR:WhziXGGv+T8wECFIMOYHUv7S/WkuvA
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8