71d55286d6ff61f51b9a5ffb0eaf05dfaf996dd544df0655ee333f47630e3a9b

Sharing

Copy URL

Twitter E-mail

General

Target

TecknixClient.exe
Size

60.1MB
Sample

240222-e4nf8acb77
MD5

6fb56107fdf1eb1fd5358d34a5ffd4c4
SHA1

1b4ce4480b140bb0f4d26bb2bfae3a6db58562e4
SHA256

71d55286d6ff61f51b9a5ffb0eaf05dfaf996dd544df0655ee333f47630e3a9b
SHA512

f7c09fb98b9e807984a9595fc0d384de0fe6f7d2fdb325663d0552bea34196760512a0c759597752ce870d28796dff1b94929b08c1e62a48592ef87e992c94ec
SSDEEP

1572864:5eHOujIgjEO4KFye+tafQNCEg84MyILKuCRxD15vj3/:5SOuXjEKFyDKfEABiK73h5vb/

Score

7^/10

Malware Config

Targets

- Target
  
  TecknixClient.exe
- Size
  
  60.1MB
- MD5
  
  6fb56107fdf1eb1fd5358d34a5ffd4c4
- SHA1
  
  1b4ce4480b140bb0f4d26bb2bfae3a6db58562e4
- SHA256
  
  71d55286d6ff61f51b9a5ffb0eaf05dfaf996dd544df0655ee333f47630e3a9b
- SHA512
  
  f7c09fb98b9e807984a9595fc0d384de0fe6f7d2fdb325663d0552bea34196760512a0c759597752ce870d28796dff1b94929b08c1e62a48592ef87e992c94ec
- SSDEEP
  
  1572864:5eHOujIgjEO4KFye+tafQNCEg84MyILKuCRxD15vj3/:5SOuXjEKFyDKfEABiK73h5vb/
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  14KB
- MD5
  
  adb29e6b186daa765dc750128649b63d
- SHA1
  
  160cbdc4cb0ac2c142d361df138c537aa7e708c9
- SHA256
  
  2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08
- SHA512
  
  b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada
- SSDEEP
  
  192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WinShell.dll
- Size
  
  3KB
- MD5
  
  1cc7c37b7e0c8cd8bf04b6cc283e1e56
- SHA1
  
  0b9519763be6625bd5abce175dcc59c96d100d4c
- SHA256
  
  9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
- SHA512
  
  7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/app-64.7z
- Size
  
  59.6MB
- MD5
  
  4d9a002aa0e35b6d7cff66820f6b2bcf
- SHA1
  
  36cca0d8b0bcdd88a725a32e579998bedc229961
- SHA256
  
  eea9a7800d2a2bc90e78ec934c34c0177a3ffc15bb18eef5f32c2d52356f9c83
- SHA512
  
  10186decffe9d2f92bbda852b2679e8878d9028acad8cf38e5c5af6c05a015a80f93dd78f8483abc886c7c8e4ef6c5db600be1f9bba31e8146004c9ee35b01f4
- SSDEEP
  
  1572864:WHOujIgjEO4KFye+tafQNCEg84MyILKuCRxD15vj3F:qOuXjEKFyDKfEABiK73h5vbF
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral11 behavioral12
- Target
  
  LICENSE.electron.txt
- Size
  
  1KB
- MD5
  
  4d42118d35941e0f664dddbd83f633c5
- SHA1
  
  2b21ec5f20fe961d15f2b58efb1368e66d202e5c
- SHA256
  
  5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d
- SHA512
  
  3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63
Score

1^/10
behavioral13 behavioral14
- Target
  
  LICENSES.chromium.html
- Size
  
  5.0MB
- MD5
  
  5201488d4139cb6976431b6bc6026e49
- SHA1
  
  566969157f998749e3c6b4ab6ac35097ea3a9df8
- SHA256
  
  5933e91a3978bac616a0cc85e67833a17cd44b7e4702c074fe2a641e0baa638c
- SHA512
  
  5e70a1056fbe49eb3766baefe0329f86f2c0870216d9e51dcb7849e3a0a8fa1e3e13bd66a4ea776e652e0e80bd540d700c9e219cb29b10c38146c67c31b7abb0
- SSDEEP
  
  12288:FetnJnVncnJnkncnpWQtnwn7n9nJnCnZnGn3eQSnqnBnununFn/nwnJnqnvnOnqi:nPDt5WXWSNkbfwVR8mfJvwH92EdpV
Score

1^/10
behavioral15 behavioral16
- Target
  
  Tecknix Client.exe
- Size
  
  141.9MB
- MD5
  
  f49986500008b71c3699313947a95152
- SHA1
  
  95fc83d42d04afd0056454cd43920022bad6f00f
- SHA256
  
  eb9630b13cc6b3d34620c5f7aa97e555eaaf15a1cb173b931e556c3255b4e760
- SHA512
  
  ffbc07beee1cf1139984e27bf368e4cad6d28ceb487f8102c7b8923185b243c2ffdc38c79be095085641888d16953bb5caf862186e696a2b477431b989356b16
- SSDEEP
  
  1572864:uGnLoxZiYvfM/e4/GIiQ2LU8fGqyvcXdEhIECpvfQU41:uG4b8/eUqrRd4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral17 behavioral18
- Target
  
  chrome_100_percent.pak
- Size
  
  125KB
- MD5
  
  0cf9de69dcfd8227665e08c644b9499c
- SHA1
  
  a27941acce0101627304e06533ba24f13e650e43
- SHA256
  
  d2c299095dbbd3a3cb2b4639e5b3bd389c691397ffd1a681e586f2cfe0e2ab88
- SHA512
  
  bb5d340009cef2bcb604ef38fdd7171fed0423c2dc6a01e590f8d15c4f6bc860606547550218db41fba554609e8395c9e3c3508dfa2d8b202e5059e7646bdcef
- SSDEEP
  
  3072:ogKzwI/4wKN3/nXCWZQCPxBVO2o418Gb0+VRLf0ld0GY3cQ39x2I:ogKzwI/49NPyCtoK18Gb0OV8ld0GecQ1
Score

3^/10
behavioral19 behavioral20
- Target
  
  chrome_200_percent.pak
- Size
  
  174KB
- MD5
  
  d88936315a5bd83c1550e5b8093eb1e6
- SHA1
  
  6445d97ceb89635f6459bc2fb237324d66e6a4ee
- SHA256
  
  f49abd81e93a05c1e53c1201a5d3a12f2724f52b6971806c8306b512bf66aa25
- SHA512
  
  75142f03df6187fb75f887e4c8b9d5162902ba6aac86351186c85e5f0a2d3825ca312a36cf9f4bd656cdfc23a20cd38d4580ca1b41560d23ebaa0d41e4cf1dd2
- SSDEEP
  
  3072:YDQYaEqQZUYUJP1N3/nXCWZQCPxBVrfR54x5GMR+F44ffbdZnYw9p4AbIVGYoDdR:YDQYaRyY1NPyCt9gx5GMRejnbdZnVE6j
Score

3^/10
behavioral21 behavioral22
- Target
  
  d3dcompiler_47.dll
- Size
  
  4.7MB
- MD5
  
  cb9807f6cf55ad799e920b7e0f97df99
- SHA1
  
  bb76012ded5acd103adad49436612d073d159b29
- SHA256
  
  5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a
- SHA512
  
  f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62
- SSDEEP
  
  49152:IuhjwXkKcimPVqB4faGCMhGNYYpQVTxx6k/ftO4w6FXKpOD21pLeXvZCoFwI8cc:oy904wYbZCoOI85oyI
Score

1^/10
behavioral23
- Target
  
  ffmpeg.dll
- Size
  
  2.7MB
- MD5
  
  0cdbcbc33ab3e567dddc20dc7d36a289
- SHA1
  
  3bce9d0b64301c7bc733bcd86863ec325dd4b432
- SHA256
  
  74380e1e9674cdca25f2660e6780d0ecbdaf33e1faae4ae6a9c751012670d43c
- SHA512
  
  a3961cc0cd2e2bc174850837f7175ce87f199f3e6c93c2ffecca5075df1efff6c728f6b16125e49f42cda4ff0f8f508f3c19e7aef4c0d0cd7e6ecb172b0ac201
- SSDEEP
  
  49152:N8qdAmBRsEsA2lydpsV2+ulbCVCbBdRXLvPznKF76ayToQVNU52kJ8dj02bfUCfL:ndZB6ssV2vWCbB7K7ryToQVNU52kJ0Up
Score

1^/10
behavioral24 behavioral25
- Target
  
  icudtl.dat
- Size
  
  9.9MB
- MD5
  
  c6ae43f9d596f3dd0d86fb3e62a5b5de
- SHA1
  
  198b3b4abc0f128398d25c66455c531a7af34a6d
- SHA256
  
  00f755664926fda5fda14b87af41097f6ea4b20154f90be65d73717580db26ee
- SHA512
  
  3c43e2dcdf037726a94319a147a8bc41a4c0fd66e6b18b3c7c95449912bf875382dde5ec0525dcad6a52e8820b0859caf8fa73cb287283334ec8d06eb3227ec4
- SSDEEP
  
  196608:tGzwSv9AAQu1+liXUxCGZHa93Whlw6ZzbSEQF:t3KlQusliXUxCGZHa93Whlw6ZzbSEQF
Score

3^/10
behavioral26 behavioral27
- Target
  
  libEGL.dll
- Size
  
  460KB
- MD5
  
  0489575b9f33dbcf7047a83a2c22062f
- SHA1
  
  72b64d31219a679252e07d843a53729d9f469e4e
- SHA256
  
  073d89c66ea3f16fdf2813a0be977d3a45c2edeec0a40dab39321818728f59ce
- SHA512
  
  b4c27290c17fe41319fde0c7cee53a439029a44bb6234f72617fdd0c891fc4e71c497cc863d9981aaa6df71c6f0ed2d2aeeb6e7a6fc5f0b2ecb3c80d3c76289d
- SSDEEP
  
  6144:rKEcTs/jvtGCIvT/BIy/71C6h7i6DPgwlXwuxkC8wm7j8hLeC:rKEcTs/jvtGCIb/BI/CLPzxk7wm7j0
Score

1^/10
behavioral28 behavioral29
- Target
  
  libGLESv2.dll
- Size
  
  6.8MB
- MD5
  
  69226767e1749a20ba67cc56765e335c
- SHA1
  
  a3792e3475d18d7014a1b4b94b1cf24bce083d18
- SHA256
  
  ad87f1c0600217ce6e0bdfaf443b52ed93053eae1b05a5f847f318fc9567ecce
- SHA512
  
  d05839c958d2afbe716013da1d5b4a7e7e015cfd40f46eab41d303f5d104c08e57b93396d6efe439bc3189098d875d3d177013b3b10eb9c365a0b501adee7414
- SSDEEP
  
  49152:J59vei/JY5TCnQZ3/nWhLl/07TlVMpDFR96PEtMHPZO926fbFbtf6sgylZy8Y2cH:qZ/WhR/o2Yr8rAjWedDBVm
Score

1^/10
behavioral30 behavioral31
- Target
  
  locales/af.pak
- Size
  
  125KB
- MD5
  
  46f982ccd1b8a98de5f4f9f1e8f19fe5
- SHA1
  
  13165653f2336037d4fb42a05a90251d2a4bc5cf
- SHA256
  
  9e0aeb9d58fecc27d43e39c8c433c444b2ce773cc5d510fc676e0ebbcab4bddf
- SHA512
  
  2c40e344194df1ca2d2e88dba0cb6c7ef308dd9c83e10bbc45286b5e3bc1d98a424a60ec28b2700606916105968984809321505765078d7caddbb1c4d3f519de
- SSDEEP
  
  3072:Q4R1VbSVwDwaPwT6HUrLOd+QeeSsL0J6tuBMWoXO3I9GLfXEAbZt1ScE:rR19SVwDwa3qLOds80KO3q
Score

3^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32