Kalambur (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

ps1.kalambur (Back to overview)

Kalambur

Actor(s): Sandworm

According to EclecticIQ, Kalambur is designed to gather local system information, then download a repackaged TOR binary inside a ZIP file and retrieve additional tools from what is likely an attacker-controlled TOR onion site.

References

2025-02-11 ⋅ EclecticIQ ⋅ Arda Büyükkaya
Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns
Kalambur BACKORDER DCRat

There is no Yara-Signature yet.

Kalambur Propose Change

References

Kalambur