1e60513b4ee71a15d21c32ca13e163733eaff9a7dadf2eb989320548a4c13b78

Sharing

Copy URL

Twitter E-mail

General

Target

Zorara2.5(WaveUI).zip
Size

26.2MB
Sample

241004-cvfznstbnh
MD5

8f20a411b46454e8046dcb4d710f1e45
SHA1

ca6d50457d0d8f2d3fd19f7519923008618eb260
SHA256

1e60513b4ee71a15d21c32ca13e163733eaff9a7dadf2eb989320548a4c13b78
SHA512

42dfe1feb21a12f3b6a6cb751aa5fbda06c94becefa1dd8050ffe93d134a335dbe13d57860f6bde710f0bb831bf5b25330d2da79f7d86bd6d5becf14ba35b8ad
SSDEEP

786432:ii0uEo7eE4NMas9BVAcGV67PHucp6A4VX00OvsycOOqntgZc:ii05xEiUBVAce67PHJ1GOEyOqntgZc

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  Zorara2.5(WaveUI).zip
- Size
  
  26.2MB
- MD5
  
  8f20a411b46454e8046dcb4d710f1e45
- SHA1
  
  ca6d50457d0d8f2d3fd19f7519923008618eb260
- SHA256
  
  1e60513b4ee71a15d21c32ca13e163733eaff9a7dadf2eb989320548a4c13b78
- SHA512
  
  42dfe1feb21a12f3b6a6cb751aa5fbda06c94becefa1dd8050ffe93d134a335dbe13d57860f6bde710f0bb831bf5b25330d2da79f7d86bd6d5becf14ba35b8ad
- SSDEEP
  
  786432:ii0uEo7eE4NMas9BVAcGV67PHucp6A4VX00OvsycOOqntgZc:ii05xEiUBVAce67PHJ1GOEyOqntgZc
Score

1^/10
behavioral1 behavioral2
- Target
  
  ZoraraUI.deps.json
- Size
  
  1KB
- MD5
  
  ee050ece4b1f0f111e10981884f07387
- SHA1
  
  f16089a17da8eea78fceda91508fad19b5fff25b
- SHA256
  
  a2185ec02c244c7fbbacf31dd08860f28ad3807b71b8748ada30ccd5c67f8723
- SHA512
  
  95166f86b3c196872cf17e6c29e09da639751ba97c434dcbb8a4b7407fe86c6a4b710437eadf13c06cd787e8ff7d1dee00821400bd6f1d762d10ea7d69328965
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.fingerprint
- Size
  
  66B
- MD5
  
  0c9218609241dbaa26eba66d5aaf08ab
- SHA1
  
  31f1437c07241e5f075268212c11a566ceb514ec
- SHA256
  
  52493422ac4c18918dc91ef5c4d0e50c130ea3aa99915fa542b890a79ea94f2b
- SHA512
  
  5d25a1fb8d9e902647673975f13d7ca11e1f00f3c19449973d6b466d333198768e777b8cae5becef5c66c9a0c0ef320a65116b5070c66e3b9844461bb0ffa47f
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.json
- Size
  
  134B
- MD5
  
  58d3ca1189df439d0538a75912496bcf
- SHA1
  
  99af5b6a006a6929cc08744d1b54e3623fec2f36
- SHA256
  
  a946db31a6a985bdb64ea9f403294b479571ca3c22215742bdc26ea1cf123437
- SHA512
  
  afd7f140e89472d4827156ec1c48da488b0d06daaa737351c7bec6bc12edfc4443460c4ac169287350934ca66fb2f883347ed8084c62caf9f883a736243194a2
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/protocols.json
- Size
  
  3KB
- MD5
  
  6bbb18bb210b0af189f5d76a65f7ad80
- SHA1
  
  87b804075e78af64293611a637504273fadfe718
- SHA256
  
  01594d510a1bbc016897ec89402553eca423dfdc8b82bafbc5653bf0c976f57c
- SHA512
  
  4788edcfa3911c3bb2be8fc447166c330e8ac389f74e8c44e13238ead2fa45c8538aee325bd0d1cc40d91ad47dea1aa94a92148a62983144fdecff2130ee120d
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/crl-set
- Size
  
  21KB
- MD5
  
  d246e8dc614619ad838c649e09969503
- SHA1
  
  70b7cf937136e17d8cf325b7212f58cba5975b53
- SHA256
  
  9dd9fba7c78050b841643e8d12e58ba9cca9084c98039f1ebff13245655652e1
- SHA512
  
  736933316ee05520e7839db46da466ef94e5624ba61b414452b818b47d18dcd80d3404b750269da04912dde8f23118f6dfc9752c7bdf1afc5e07016d9c055fdb
- SSDEEP
  
  384:Vt71+czeWhU6yVS2Ddc0fp/9yYoIJgWUeJuDzeG0LOsr2h9ltQYX9hVPz/HG1pBu:j4sBwVPDdFhVyYoPWUiuXeG0K5dQYXFr
Score

1^/10
behavioral11 behavioral12
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/manifest.fingerprint
- Size
  
  66B
- MD5
  
  33fc4bf1927352bc1845acdde3a6ba63
- SHA1
  
  63ac2f004ac10198e729e9ccf55f6ac4f7f3c622
- SHA256
  
  4ed04e713c9d8f5d80e83645b62f1be84ec0516d37f339b3d443d8f792dea113
- SHA512
  
  7e38e264713750baf58dd9ad779885a7aae5a6fcb825eaa44b3cf814dd09cd0bf8f95b5ab5db600d19a64b02ec2155b4c9a3bc2a86e9b18eece8b3100e8c2ff1
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/manifest.json
- Size
  
  113B
- MD5
  
  b6911958067e8d96526537faed1bb9ef
- SHA1
  
  a47b5be4fe5bc13948f891d8f92917e3a11ebb6e
- SHA256
  
  341b28d49c6b736574539180dd6de17c20831995fe29e7bc986449fbc5caa648
- SHA512
  
  62802f6f6481acb8b99a21631365c50a58eaf8ffdf7d9287d492a7b815c837d6a6377342e24350805fb8a01b7e67816c333ec98dcd16854894aeb7271ea39062
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/Crashpad/settings.dat
- Size
  
  280B
- MD5
  
  9d5f8caa5eda8d19c034e6a2cec20330
- SHA1
  
  baa86494a4214f42e516d12b83c3a84762e55775
- SHA256
  
  3b9d63bf80317c1b210ac199e609b345f5442666bfcb624b6aa8bf37e84cd6f4
- SHA512
  
  01e26fd31833b488225c061d4297d04501479f5ace8e6978fabd9850963661d828a3f85a8b4b0db4e09fbc01ba28eef33c7291792f6f1491dc033bf7bb648301
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/Crashpad/throttle_store.dat
- Size
  
  20B
- MD5
  
  9e4e94633b73f4a7680240a0ffd6cd2c
- SHA1
  
  e68e02453ce22736169a56fdb59043d33668368f
- SHA256
  
  41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304
- SHA512
  
  193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_0
- Size
  
  44KB
- MD5
  
  b725e8b76f04d49773150a0dd33c946d
- SHA1
  
  24aac12ac15f67ee5fecca8dd1b6c99adb96ef60
- SHA256
  
  eb82f2f558861ee1cc1d7f14503f0022157966bd2728d60741e0be41bec1dd6e
- SHA512
  
  85a862b0f59f9720b2fe6b34d1c6d1e2056a412dc0554ac4ff2eaa0db7a5e046f55cd473c8edbf9a79b7ff01e17b51e080067b48b118348ca3ca38c5f086ecce
- SSDEEP
  
  3:MsFlYhXllLlX8lWZ+PlH+fl72n:/Fiz10WZkeNy
Score

1^/10
behavioral21 behavioral22
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_1
- Size
  
  264KB
- MD5
  
  7c0b568f585dd67a2a8aba51e518cd94
- SHA1
  
  02aece6d75925a0cc9f5390d41030c78b6cec364
- SHA256
  
  76059b256e5ec039d43740146fd656ed93cdf25954faa4c4c88737665d10435d
- SHA512
  
  bdc2783e09fca221f5f2db500c59a1390479daca7acecd281a8c7ba1347925cac697117c400caa4df3f7a495e3352319a971a4af19ef380c66e60a8b50e8d92c
- SSDEEP
  
  6:/M/PXGuEVt00EytXXXX8fdMGYCCcgJU0OhI:U/PXK00EyRudMGYCGU0Oa
Score

1^/10
behavioral23 behavioral24
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_2
- Size
  
  8KB
- MD5
  
  0962291d6d367570bee5454721c17e11
- SHA1
  
  59d10a893ef321a706a9255176761366115bedcb
- SHA256
  
  ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
- SHA512
  
  f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed
- SSDEEP
  
  3:MsHlDll:/H
Score

1^/10
behavioral25 behavioral26
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_3
- Size
  
  4.0MB
- MD5
  
  e46efdc7ef2a13d55ab934cc02903772
- SHA1
  
  255579375cdf64125842cef23f65461879588ea8
- SHA256
  
  ff517d180b846eff8544f3e7cf7efdb2c0b3c4feeffd2a1fee1dad89f9a36c07
- SHA512
  
  a6d8dbe37df0e1fab433738076854085d1ac048979ba23ee9c01c6174bc9f408d4ac1383714244461ced4df83ada0259e6cab5d76158fea2d2d06aee6bbb15ab
- SSDEEP
  
  96:deXGNYsrCBDt1bu4tyXiF10VM7cTOF2A3dFniudVR:dXrClzbPIyAQP
Score

1^/10
behavioral27 behavioral28
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/Default/Cache/Cache_Data/f_000001
- Size
  
  170KB
- MD5
  
  d9d5de59488c160ec82077a175384aff
- SHA1
  
  0d3b0b2ad7636793e06406682dba49fc043000b7
- SHA256
  
  d50aeef84ae7e3685863249d28f6322e952792940fc5c851d921c9836332dab9
- SHA512
  
  daa64356473dc7143a864aa77895fd7258d61a5e4b6316fa4b4a258b18e20ef3805feed596fffd73dd7eb7e23522f097b5ba68ff705928c761aa20c38c08f3f2
- SSDEEP
  
  3072:TAdbCxeQJhYeIh+NXmqdFa+rzFu/UBILrcTypuQpBMBpB6AclI6Wy826:TA5CrYt8xmOFzAU8puQpBM1GUj
Score

3^/10
behavioral29 behavioral30
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/Default/Cache/Cache_Data/index
- Size
  
  512KB
- MD5
  
  3dc3d2fac03c40d8b3fbbb14a026103d
- SHA1
  
  189a49ed8bb313b44e0f843418e8d21f50ee652b
- SHA256
  
  6aac005753a6885ab62eb1b1fa1b6f74ae027937310bf9a4773b94efcddf362d
- SHA512
  
  ab681ffaaad155b7bfb2043ca89bb0b70132de3c7a8e19f19080265ec5c317907cf5105f9cfef81d710a29dfdf645e822bb71bb36bc574c04f0be0262619e4a1
- SSDEEP
  
  3:LstlnllllllnlJlKYZ/tUlNnMNtl:LsXnt/lnletmN
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32