General

  • Target

    tchat_inst.exe

  • Size

    8.0MB

  • Sample

    230614-j8b17sfa8v

  • MD5

    2c11d8ea76d8ff2698e9b2b579e0e5d2

  • SHA1

    6a200a5400847cea1825c23178df970bfa745ac6

  • SHA256

    68692316d2a4c3068c7ad41cd2ef0ca29dd1f8da27cba1e119dd8db2eeec3a66

  • SHA512

    09334f5356fe505346749a16a576d33c27a37047c0e01d40b37bb1c27320260caf7f8c9b51cfb5a62cf2024b7031f3ea5f6dac8119a72f9439a59420df18bd1a

  • SSDEEP

    196608:dddI5XCr873EmHMQDMFnIcmheyZA/hpIy40fB+BAgZn/a9D6:ndgC83tHfILSy40fBOAgR/aU

Score
8/10

Targets

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
