e50f4c6c5ff5c515a5cf1428b4796c336c42c5d9797960c7882ea10044cdaa2c

Sharing

Copy URL

Twitter E-mail

General

Target

tnrgymodbusserver.zip
Size

1.9MB
Sample

240118-kt4y4sgcek
MD5

ec85a39a3485081e6e04b748caa435e6
SHA1

0a58c207af92c010d9bd6fb21fbe11f3225ee4dd
SHA256

e50f4c6c5ff5c515a5cf1428b4796c336c42c5d9797960c7882ea10044cdaa2c
SHA512

c19951e4edab74171f99cf87c3764a4a1de5e927b19c7290cdf146d7dcf42b16b1483592b6fa1b54d8f536a808cbe202b8805970d8ccf8b5cdec8d909faff64e
SSDEEP

49152:F/v1kYrp7Qizg5RQ39CBiKJRJJ5f8k2BScJcS:FOSe5RQ39CBiKJRJJpb2B3JcS

Score

3^/10

Malware Config

Targets

- Target
  
  Configurar.cmd
- Size
  
  30B
- MD5
  
  0872989105f448cfe9265f031357f1f2
- SHA1
  
  80a267002ce6fc193cc3e6289e21a3c6ac27174d
- SHA256
  
  35bdff29e226f5fc3d0e3dc4cb4a63936818b3b6cad4717a015a9f951149fb71
- SHA512
  
  179c1bb6ca81b770e8293ea1474c83416119278881d7f4e1bb6e193712225b44996e4f5fb46178b0d27215e7cd4d391ee96f3f4c138056d891d4314e6c9691aa
Score

1^/10
behavioral1 behavioral2
- Target
  
  Instalar.cmd
- Size
  
  1KB
- MD5
  
  71b6d84f3e318f59c9fc70f6c742aac3
- SHA1
  
  dcc57c416c600791c78d4ba687c30af85230889d
- SHA256
  
  b0ecd3dd864cfd937bb7faa09cbe440779b99a5636c9f6e8948d6f0b2708ad24
- SHA512
  
  1db2a1f1e94b31b43f4fb8fcf27ef7ab4717264e896ac0c55f947ba829c6681b99c57b6dd5e175c03d3132442c957826f5b313325bd2d75136d75cee58dd1eec
Score

1^/10
behavioral3 behavioral4
- Target
  
  Mono.Security.dll
- Size
  
  293KB
- MD5
  
  f54a30537d377abcbca4b3111cdeeb5a
- SHA1
  
  8277c3cf6512e70f51d72341d7f9fe3657ce56de
- SHA256
  
  643247d3f2cc2fb3ac920e2682652c465a6dc7db80859427685394dceb92ac94
- SHA512
  
  e0590ed90ed07971c82f9f275bcfd003af0b739cdde78bc1737791c5470fc54408e8a0cfa1cc1b1086a150b6cae4374a46e6a67de54c9bafee4ac2942494f09d
- SSDEEP
  
  6144:ssAmts9hgvmAuVQf8BYH61PzJcSLCqim:Kmts9hgvmWk+CP
Score

1^/10
behavioral5 behavioral6
- Target
  
  Npgsql.dll
- Size
  
  347KB
- MD5
  
  d0bec1f8979505f6d9af39a1e7f8b992
- SHA1
  
  3e25240d013a228ab8813ea3e9d79e0c306f0052
- SHA256
  
  7baf5513b67b5bb0800b1b86300c47f6ed03e331d7797697af4591da72e6fe5b
- SHA512
  
  cdc72e0e07df7cb435281ec223700df6f50768161a76ab861832d56c2efeec07be5619625375dbb5bc62987f334ff02a8e9e75b908fc11d37ea61dcfd199a359
- SSDEEP
  
  3072:+aaK0Uc1zn3QFnlTkqFV1qGjd37gwQANgJFzEkkQS37lmfsvMqkqa/2kXECYy0+D:CQv1qOMhANOwQSlTa/wCDNA39y0bXR
Score

1^/10
behavioral7 behavioral8
- Target
  
  System.Data.SQLite.dll
- Size
  
  1.2MB
- MD5
  
  616893e1c8f872fb53d98e6847e4f3de
- SHA1
  
  50c459e75c416e48b39313e48d876d52db837ef3
- SHA256
  
  e1fe071b6bf7ce4551178e2cb0e95a057845d8dd600a796157b76bdb10261df4
- SHA512
  
  1bbaa89f52a57c21268ee43f0e5496e1e7263c2dbfa8a811ca39b5df76c7af1396fa5580c5f44ab77544174ffd0e717dc8c29111531f7109f43309aa918b7e17
- SSDEEP
  
  24576:cy/rsKZ2Sbm/RaeOIUv0Wt/dRpZf2d6oHkQj84fAhs:cy/57ODUVntCkSA
Score

1^/10
behavioral10 behavioral9
- Target
  
  System.Net.Http.dll
- Size
  
  193KB
- MD5
  
  665e355cbed5fe5f7bebc3cb23e68649
- SHA1
  
  1c2cefafba48ba7aaab746f660debd34f2f4b14c
- SHA256
  
  b5d20736f84f335ef4c918a5ba41c3a0d7189397c71b166ccc6c342427a94ece
- SHA512
  
  5300d39365e84a67010ae4c282d7e05172563119afb84dc1b0610217683c7d110803aef02945034a939262f6a7ecf629b52c0e93c1cd63d52ca7a3b3e607bb7d
- SSDEEP
  
  3072:HeruQlNGOhYq0AQcTvankc+8lbKta4FUPAT8xpRI454I/Kv6RpZ8dwPSgEQ4:aW60VcTvakcXcApOW4
Score

1^/10
behavioral11 behavioral12
- Target
  
  System.ValueTuple.dll
- Size
  
  77KB
- MD5
  
  b1799909e14ad3392e633918a88ee6ac
- SHA1
  
  a20d2c622d50de62d643927348e17a0827a167ff
- SHA256
  
  d7297f20ddb379799fb020fcb8a79bc65117758cd189e72a327a8f47e5d27c6e
- SHA512
  
  365c5a699749323e9dfde2120a4588e8afe763026c0a8abb91206c1191cd043cf10077221edbdffe80f85fb78b6ca42715244008682e8fa52cfaa38c47901c57
- SSDEEP
  
  1536:XactYdpkyN1j5x1kqhNqA0XlvtJ0ep7GWKhHcyZMXdm0VwyUNrnucehgbXNbgL:XaCwpHRhHcYMNm0ijNDu8XN0L
Score

1^/10
behavioral13 behavioral14
- Target
  
  TCore.dll
- Size
  
  1.2MB
- MD5
  
  31eae9fbef06c3b34a06a09453032b36
- SHA1
  
  e4a4e5da523876f0f613f7051f45ddcbad454cca
- SHA256
  
  a5cf6da6690859ea6cba6c1b466d8a47aff33df28f852106ec37eaf94822be60
- SHA512
  
  809f5a0f01dd716023d468f89531074792306f09cdae1a0fee517c5952f04d625f17cc0a6c28eba85e9f74049608d9e725764fc0f2f782c99cae3dafb00f2c23
- SSDEEP
  
  6144:7zycs/si3D7bzaCtiwhwh8RljJCjshgnMnOQSfvzY6OMEP98nZxZqYBnklhMmBW2:7OBbzaCdjRQrN+AxkENmQaj
Score

1^/10
behavioral15 behavioral16
- Target
  
  TNrgyBss.dll
- Size
  
  476KB
- MD5
  
  17218b8fd286211f443ddb3ea6df626a
- SHA1
  
  0db794220ded1395e56708778b2fca884c209a31
- SHA256
  
  0cf872182026c931b298f4839058031582059a68dc2c7655aa091bd74276c22e
- SHA512
  
  88d6e801c591f5c71ecfab5c945cebf9c48a1c20acd3b1e7fb2a27e358cbd77b8651474167d4424aefb89f7835c726f014c6b26ab6fe9fa0baef4932fbcd0238
- SSDEEP
  
  6144:ExZ3//3l6uGm6NmBnonQjSsP+K1bUao2bi8FIuuNIG:kZsud6ZnCW88
Score

1^/10
behavioral17 behavioral18
- Target
  
  TNrgyModbusServer.exe
- Size
  
  101KB
- MD5
  
  97d3b7b3f070c91a6add53e5f147a66c
- SHA1
  
  069d35d1e51ce8edf7ee6688166ac02ad0101e96
- SHA256
  
  2bb55bb34f4e04a5de0ff2d3c764f85c277a0f295501dfe42e836a61a9e5be31
- SHA512
  
  5f91efdf7c2c2eb8a98c669df6955650a3c359ff11b2618b58873d994cb87bf881a7d20aa186fe661edd31355c4ae3081d59bf58af130b4a641558248e4df9e3
- SSDEEP
  
  3072:3UY4ktqdgtTLb9dKdxwkPOd/0RP4NB7sX:z3tXb9QduGPP
Score

1^/10
behavioral19 behavioral20
- Target
  
  en/TCore.resources.dll
- Size
  
  24KB
- MD5
  
  4677cc9adfa4694823c6bf88f70a1100
- SHA1
  
  3920f6a0ba986269b17c3ea48cc3984682a255d1
- SHA256
  
  c84954c922aa8dc2252445dfca4ec4b354022e2af75fabec4da3fdca26431681
- SHA512
  
  90a5fcaf2b9163df38f69451d76ddaded509f76a9a7427e3cc389d01f443f34eef80b2db71f1607d1ce6f8ac8fa07ff2d92f8fca3f5b611b182c962a67d67411
- SSDEEP
  
  384:AfElgf/3+TszXjrnVeJk2LWKr4m2elTN3TpBKC132EFiuklOAANbZ+J91BxGEYGL:wf/3rJeJfr4mdTVSSm233y/BxGEYRm
Score

1^/10
behavioral21 behavioral22
- Target
  
  en/TNrgyBss.resources.dll
- Size
  
  21KB
- MD5
  
  7e7cb43c291f50f6bac67e65bba75d4b
- SHA1
  
  237c49292b85b763e0f7aaba1bbfcd0e9dccd61a
- SHA256
  
  709ff667d286f0276718c67815a7f47f7f80b5be477441b30a5d3dbdf2b2a14e
- SHA512
  
  cc64f476f84d28b9ea94f9f9234a7dc1ffd977a9be4d2236a8d74e6416ba07a8011ab4d0e23bc35b1a75b97910a66fa3affcea3313e92c5f1bb7d161c9dfccb5
- SSDEEP
  
  384:4WcWN0iJcdrnPvihlJ7muJzMsDbhHQhY6TFEaRsbDJCJT:0sMKb5QhY66goDs9
Score

1^/10
behavioral23 behavioral24
- Target
  
  en/TNrgyModbusServer.resources.dll
- Size
  
  4KB
- MD5
  
  6a7abed5a1ecb059d4a146b1bd306247
- SHA1
  
  4cb0fafccb33432208246266ee6b638f9380e053
- SHA256
  
  afa0a2d2b258588c636ff386d2d82bb4186cdf1ecb647dc19882eae0f2caea5c
- SHA512
  
  fa9d22e0249b5543f1aa5449277e2582916f469cd28532574327a40dd83253bbba5792d3fe0afdc399ef18870bb71eb0a5272b652d806dbe25ddfc2a7c883773
Score

1^/10
behavioral25 behavioral26
- Target
  
  es/TCore.resources.dll
- Size
  
  25KB
- MD5
  
  e1bed4110e132cd2fb8459e0e9059252
- SHA1
  
  e84d71d5aa9182dc1864bc172f7108fb53d4ff11
- SHA256
  
  99d7f98edd4428e6004b1d534ad6a5b4e809c69702d69b3c9d777d99cf1f2f2e
- SHA512
  
  b36afed9ab9d47afddd42062d8da23c53574ce4a491586592837000ad34588bfe62dad40653f0c91f2901ae73b88488cabbaa27ef8489481d23fafc55acb276c
- SSDEEP
  
  384:KfElgf/3+T6DbK7IIlKiAh/i/nPDfzPZ3vSdhdSV9p8b5dzPACuK5U7BTM66neUa:ef/3p5iAgfnPhKGbG1dzPbcBQir
Score

1^/10
behavioral27 behavioral28
- Target
  
  es/TNrgyBss.resources.dll
- Size
  
  22KB
- MD5
  
  bb6293690a82dcb5bc5a68bf0b3d0ecf
- SHA1
  
  005856b90e22dd16ab252273a3d6f9b1d702668f
- SHA256
  
  293cc03cefb6ee917cec25ae625350055f0bdd1fbe2e02c7dbd1bf09528912d4
- SHA512
  
  c98bc40347951ce5e54b518e766295930b571ba69c3783eb26b4e92c5f884321acf95440fbee1458b0eb09125b8773f23ca17dd3c257a2140a0a0b2a769e2bc7
- SSDEEP
  
  384:/QWcWNb99zKDknislw94+Y7r4UiepYEjjLDj3sQe61s85MQNuMTGPNU7mIB5137k:/IharZiepRjjLDjcQj1s85MQNuMTGPNj
Score

1^/10
behavioral29 behavioral30
- Target
  
  es/TNrgyModbusServer.resources.dll
- Size
  
  4KB
- MD5
  
  b4fc270d0198ac485b853837bde48531
- SHA1
  
  4c5a4ac5e90aa12a1ea65ed039674a9458a6f425
- SHA256
  
  896fa2c8e3228dcbbe5d52eaf4f22baf20fc084161378e8d02c120faaad7fd08
- SHA512
  
  1d9eb77f4bfa78abf845c0914df553902bc55b550a3b657f1a20e2fb395f79bc6e6b7a1f220aa04fb011fa966eafdb466f5566d2ac88fc4b0848443c88f560fa
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

T1053

Persistence

Scheduled Task/Job

T1053

Privilege Escalation

Scheduled Task/Job

T1053

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32