98c3e3880e19903d9be5246c6289c2fc4da140f6873e3afc9fd31d7541ba4d0f

Sharing

Copy URL

Twitter E-mail

General

Target

TRMTracker_Antero_TRM_Hotfix_4.2.092.zip
Size

2.6MB
Sample

231012-s5glyshc7w
MD5

33cbd510ef44afa195d9d3c5105ec36f
SHA1

061f9d614f83fdcbfd3f1ca82c7576f85a5eaa29
SHA256

98c3e3880e19903d9be5246c6289c2fc4da140f6873e3afc9fd31d7541ba4d0f
SHA512

84800aabf2ecd7a813ae805ca291bdee67f19b73ab61296a5b75f4f2d3a254ceca07e5c914c01c2a1f6ca007f2fbaaaa77f6a2ed30acbd8b832f3e427b13da62
SSDEEP

49152:c4mBBJm9jLSCZrLOr9J8485LG0sRJ4nISqdv2829xQ:clB6juCNLOr94G0Kwqdv2X9C

Score

3^/10

Malware Config

Targets

- Target
  
  FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Accessibility.dll
- Size
  
  35KB
- MD5
  
  995b6735bbee28afa57c6c5bd8187043
- SHA1
  
  1dced1ff455aacb8b11031b82ba28a125a4c3d80
- SHA256
  
  bfaa26444e50b25e8b3ea7e577667458f4397e48f272640cca28fa61032863a8
- SHA512
  
  de939dab8479c9886839b469035e39e73b92d6b18702b54de6d83054198174ac1dbead28c10740796952466b7eb9f3b8120b933e14cb82c691bcec8418639090
- SSDEEP
  
  384:MaVhVklSlklSl3tyPTyDlRg90voeWCbW6nBA0GftpBj+/aoiLlXBtPVs/XAa0OpX:zpsWsW36yc90voCjFihVPVWP0G5tT
Score

1^/10
behavioral1 behavioral2
- Target
  
  FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\DocumentFormat.OpenXml.dll
- Size
  
  5.0MB
- MD5
  
  8085da370d0def3616b91945f6a68a23
- SHA1
  
  2612ad94b19bf904c9e5b5f38e71e3481a834bd1
- SHA256
  
  bb18c540d6c1ec80d7d3ae9a538f3205e6e3e695c6788e406d793c53d50ed415
- SHA512
  
  4d7a0a8c840d0ade7002bcc7b5c96835f51e7660a7f6359f420b76e5b846457c6b8ca003b705c069b58915481fc6abede01e0a5017ec4be36cd465d38396e1b5
- SSDEEP
  
  24576:OelRlExm5thrh1YBKhX8qJ67RiraMkFXGH48H3P9iqqk806Q4lZonub92Mjoj8PL:Zh1JilG5426p52DjGSfdiiVIelkkp
Score

1^/10
behavioral3 behavioral4
- Target
  
  FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\FARRMSGenericCLR.dll
- Size
  
  373KB
- MD5
  
  8889480fddd0ee0574c8dc490184706a
- SHA1
  
  f4b7e821b640d140707ae28605e0beec0a93bdb4
- SHA256
  
  77dd61983edc3294eebc062d683247fea4f0cc018a8630a011f40da8633ec864
- SHA512
  
  41612376dba512090ce9dde3ac0c2a79f70e6e3390fdd8267a36231afd1c06a0110e2f37e3caabb7a2c5631c0db8120cd984b2e264e91ce0b73bc5a110f01ac8
- SSDEEP
  
  3072:q6ECY8BvRS45L7qccpdiNodXTrWBqrBwshbriCR+s3/JdAvqHk5VyOkaGj7sBvGc:qHCYSpS4gKskwza6wBvy1VAC
Score

1^/10
behavioral5 behavioral6
- Target
  
  FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Ionic.Zip.dll
- Size
  
  451KB
- MD5
  
  6ded8fcbf5f1d9e422b327ca51625e24
- SHA1
  
  8a1140cebc39f6994eef7e8de4627fb7b72a2dd9
- SHA256
  
  3b3e541682e48f3fd2872f85a06278da2f3e7877ee956da89b90d732a1eaa0bd
- SHA512
  
  bda3a65133b7b1e2765c7d07c7da5103292b3c4c2f0673640428b3e7e8637b11539f06c330ab5d0ba6e2274bd2dcd2c50312be6579e75c4008ff5ae7dae34ce4
- SSDEEP
  
  6144:leSYvQAd10GtSV41OJDsTDDVUMle6ZjxLV/rHo0Oaaz2R9IY:oJBdBS4msNUCe65frHMnz2R9
Score

1^/10
behavioral7 behavioral8
- Target
  
  FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Jint.dll
- Size
  
  531KB
- MD5
  
  2329b8a3bbad6c87f8463de5baf748f7
- SHA1
  
  d1155918cc9b1804ddc0c5ba2c0e734ab630f1e7
- SHA256
  
  d0eab5dda22bd9e6e41b2354cd8d90d12b66f38982260623b8be1b0a738c1005
- SHA512
  
  fe12d3c4bc625cf716e49c32aebc68b9adbdb167a137319a19534845c5d8b91f952475686dd7a2a5b9898b9f9c3defae1caa9286a18ff673d84cb3cc5b152119
- SSDEEP
  
  6144:ZoT5AD016559/R/ni0nxvVilNNveXlq8TitnwWAibUg8NCMeybLK:IGS6L9/BLlq8GIw8NC2K
Score

1^/10
behavioral10 behavioral9
- Target
  
  FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Microsoft.Office.Interop.Word.dll
- Size
  
  762KB
- MD5
  
  31a69f32502de8b29ed98bfa19de1332
- SHA1
  
  903f22a8b1416e4c00df321ecd66cf9fc20728a1
- SHA256
  
  dae57a0a42312711f6125024b00aed2df224b62be509f749126d27357e05a230
- SHA512
  
  31bb81fa09e5a9cb78c830ae149216ee8d20dd720e281775d7335d9854f8ef3d1597978b2e6b2d23a35ffda031f0eda89e1e4ed1c5a7c6723b84b19dd3657ad8
- SSDEEP
  
  12288:xLHb+VwvK58jWNoXiRULuFg/6pmrS5YHWF8DqxwBiN0fm5o7KF8HORwDydEv2J45:xLHb+VwvK58jWNoXiRULuFg/6pmrS5YL
Score

1^/10
behavioral11 behavioral12
- Target
  
  FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Microsoft.VisualBasic.dll
- Size
  
  596KB
- MD5
  
  df1f3afe18d254f759bb1a000b811c15
- SHA1
  
  2fb998a4b81ca402b066c961ebea2715f3e8325b
- SHA256
  
  44499fad646f624e9144cbadb4683a60bb592032f23d73f2dc8c73337664c226
- SHA512
  
  793868e6362121cf8ab570148594e1a8734e707c0686628b6d54c503633319c16be34aca6ab21bab219fb10bfe077903d9c834e2de051bb49b6e7c75829c3d6a
- SSDEEP
  
  12288:3dnS23pu41pTTNbE6Wlg1mI5g/9ZasP7Ax74yUUUUUUUUUUUUUEumunKEUmEpMQ:3dnS0pfoLlP7AxJzsEpMQ
Score

1^/10
behavioral13 behavioral14
- Target
  
  FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\System.Xaml.dll
- Size
  
  612KB
- MD5
  
  2bbc120287bc74b5af6e88fbc4e92de8
- SHA1
  
  4e2beb3e1d2f397c8c522c42a612ad02c340d848
- SHA256
  
  dbfd2e947e9f50e11fbc1ab967b53fb970fcfdf548c33e3871ad0d8d50b97a05
- SHA512
  
  eeed2216ec3fd75a42c5ce7d7891feeec9a6778b9bf31903cc7bd27868eb51732ca83e9d35b0bbec6d0e90ad06f5422f6f2f814ae514cac273e077f1932e51e1
- SSDEEP
  
  6144:JyVla2hZKmPqdLtVxVJQdgPq+IjUcmAL8EZVutOriy+msYpcYmwBCHbdQsy7Ffc0:JyTk9xVgjtmYZ8OrnsYpcYrBCdQ3Yc
Score

1^/10
behavioral15 behavioral16
- Target
  
  FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\WordDocumentGenerator.Library.dll
- Size
  
  42KB
- MD5
  
  15f7f00204b9474d1d94517ea718bcd0
- SHA1
  
  18274a7408bc7955887cccb070c71398807fe3cb
- SHA256
  
  727fe5ecf9a6fb31c80e6bfee2852ca39b1addb41b252b653bd964c3583d9c88
- SHA512
  
  4b01aea9c987ec297882a0c40ff680838f4f9edc34984e72bac0daf1febda72de92e4c1e5f99557ad28ce16890fbfeb9176e28f0a38897395004ddab7e56477f
- SSDEEP
  
  768:s5prdr30ggyBOm/uRGmAQEwHdW+XbqOmdjFeAxp0tYZIVZIK8Iuy5Hj43kW:ilVDgYoGUHsYqOmdjFeAxp0tYOVWy5HC
Score

1^/10
behavioral17 behavioral18
- Target
  
  FARRMS\\GenericCLR\FARRMSGenericCLR\IcePriceImporter.cs
- Size
  
  13KB
- MD5
  
  06d843577c1b31ed2b5a8894b2aa7948
- SHA1
  
  405e1cce7da27d230ceaa81886fdc01b25a56a3b
- SHA256
  
  ffc44ecd7d7a24f52709e094b142d2c977999cf419a42b40452475980e7ee439
- SHA512
  
  edd8989cfc27e926fcdf93584c67dedc2779292ee6104fc52d19bf75e58c276561e0adfc1c01817c27599f409c233faa74e89df4c4775ef5b51db9977f76d5ca
- SSDEEP
  
  192:9UkT38LueRX3Br/i+Nfg++9Vb8rHFOxmOxSfaP+PrQKuEC6vdChr6L0Lk:9/TsLuel3Br/i+NpND28nC6vdj
Score

1^/10
behavioral19 behavioral20
- Target
  
  TRMTracker_Antero_Patch_contains_manual_steps_20230916.doc
- Size
  
  5KB
- MD5
  
  f0b6264c44f250e663d7a2f909f4ddb0
- SHA1
  
  0f2be7e697e42726c09a57b3feb64b8d87e34ebb
- SHA256
  
  66e375921b96bfde99ffdc25e78c586b306fa255491fc25738e2cb4f165bac7b
- SHA512
  
  28526e87e4e5f7468323d0e9e13cb214d5d7257be65c475b401dd849a073eba9262aa41475e149de04e4c0a5719d4da04f33f5ca714940e20775458f1719b29d
- SSDEEP
  
  96:XTC9VAD5GrpTZiw4lAMjnOWcm0GB13dzW4:XTC905GrpTtW0GBptW4
Score

1^/10
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22