489f6f02b336f80812ad0307897e072c37042d1c39341e4efbe7c09d1e100f59

Sharing

Copy URL Twitter E-mail

General

Target

teamspeak3-server_win64-3.13.7.zip
Size

8.4MB
Sample

240224-q2j7kaeb4v
MD5

63eeb99c50aa0f050bd6355aed3d7df1
SHA1

5be7f7fc84202c274a6b98fce99e4a0b392e0429
SHA256

489f6f02b336f80812ad0307897e072c37042d1c39341e4efbe7c09d1e100f59
SHA512

e9916831b3244dfd1f3b9d365b58b17cd99fe8a69fa92dec5fea56b1748b5b4b224ff00b786635fc52dca5094f9f4010f5a3984d0e44f4a9ca495823a108cfda
SSDEEP

196608:THwW828DjMAmO43t0nH4yuU3SJsr5AOAo0sdgK4QTgioY9XiU1g483+IzfLPFG:cyK45vtu4Iisl00XXxo6yT+Ibc

Score

7^/10

Malware Config

Targets

- Target
  
  teamspeak3-server_win64-3.13.7.zip
- Size
  
  8.4MB
- MD5
  
  63eeb99c50aa0f050bd6355aed3d7df1
- SHA1
  
  5be7f7fc84202c274a6b98fce99e4a0b392e0429
- SHA256
  
  489f6f02b336f80812ad0307897e072c37042d1c39341e4efbe7c09d1e100f59
- SHA512
  
  e9916831b3244dfd1f3b9d365b58b17cd99fe8a69fa92dec5fea56b1748b5b4b224ff00b786635fc52dca5094f9f4010f5a3984d0e44f4a9ca495823a108cfda
- SSDEEP
  
  196608:THwW828DjMAmO43t0nH4yuU3SJsr5AOAo0sdgK4QTgioY9XiU1g483+IzfLPFG:cyK45vtu4Iisl00XXxo6yT+Ibc
Score

1^/10
behavioral1 behavioral2
- Target
  
  teamspeak3-server_win64/3rd_party_licenses.txt
- Size
  
  49KB
- MD5
  
  cb3d3481f63198d682c5698f67536f8b
- SHA1
  
  81ca3c807d5c5835dea9889c4130b0482ed8eed1
- SHA256
  
  31357c453d493a8dc956301df1586b0d5411179c29c075275ba2ec38a038a6e4
- SHA512
  
  cfdeca06122309146087d41edcfb2751f458a247deed3324026375d3862f4ce2389c9c3ee51d2e60b7d050b1f68f07418c9084269ba31c790eac9c68a9be078f
- SSDEEP
  
  1536:AIRV0EuDTnRwIbKueMBmAldNu0Mux4DFXW:Lj0E6TnhbIMHd7xYFm
Score

1^/10
behavioral3 behavioral4
- Target
  
  teamspeak3-server_win64/changelog.txt
- Size
  
  73KB
- MD5
  
  6c46dd753a9ac5c626a6769be69231b6
- SHA1
  
  4e26674340df9fac9888d6f9fa0016e27a6d9d82
- SHA256
  
  a138431bd84d905180533213d4db943ed1b18fdcdf3fb3999ef0ac2a57ab4ab0
- SHA512
  
  170c40ad187f51e4d2a477a7560bfa4ecfc5dc6ff86e54c3ae1fd1de180e64f755bd35ef75781b07a1a130b34d82043b7f50c54541a15d7aee6040d2d975d8b1
- SSDEEP
  
  1536:dmYv6wI2Kp35Gt7OKZQf1UnyFxgWtXsq9sfth:qx2Kp35G3yH7sesfr
Score

1^/10
behavioral5 behavioral6
- Target
  
  teamspeak3-server_win64/doc/accounting.txt
- Size
  
  6KB
- MD5
  
  900e7ec928c3a2826bbc3a8e196eda2c
- SHA1
  
  2417a8008ab5fd910cb8d649315a4c249af0f5e1
- SHA256
  
  4f6f74c84eae17c3864669271e9da1baf87a4499ef1762037b93480d7ed73d7b
- SHA512
  
  da4ee6b40be8de108f0c83556806dd21a16ca1a65afc8481af96a1b6268f039095ef7912c2537ef8dc7d2711ec969258db71e567de96b7f0bb8e1b4967971869
- SSDEEP
  
  192:/aI8VHIJpvkFjrGIQJct5OiRP2A8IE9iKv7cX6:/aI8VHjFjrGIQJct5OiRP2A8IEcKDcK
Score

1^/10
behavioral7 behavioral8
- Target
  
  teamspeak3-server_win64/doc/permissiondoc.txt
- Size
  
  16KB
- MD5
  
  74e34dc3f5f79394e33ae38e93715d2d
- SHA1
  
  7ebd48827487fef11fe20ce72ffaeccff6800513
- SHA256
  
  fb7f0057d641ff835333bb385430ec8cf03e37925ba0fe5b85d9a28d20f01b7c
- SHA512
  
  29fff15468eff264fe9cf4bdc1b7f927009a9823f9dfea2592c963adbd0b74075c657a564d19d70bb3a68aee18c1687bc73b68d4aa9d22e269a7e816775e81f1
- SSDEEP
  
  384:v4BtZtS2WXyewH3jYBSRm/mdSGakPP+o2PkoFkKr:vEzS2WKHqBkKr
Score

1^/10
behavioral10 behavioral9
- Target
  
  teamspeak3-server_win64/doc/privilegekey_guide.txt
- Size
  
  7KB
- MD5
  
  9092bb39c7ed4d0ce02bb1066ddb95d6
- SHA1
  
  0d2266038b2674c6eba9ce8ac09d4d88ed2a816e
- SHA256
  
  ca28ce8548b5b096cf9420232821361dc16c84227ad03e9b295b7fd9df0b4ac5
- SHA512
  
  d871da078fabfe352b03c19d3a77c2c76a27d9f3b63b5657152a874e1a316c198fc5223ab1586b1cee459a55cd2a196a47fc98566b802d9668a76ccf0a31a4c8
- SSDEEP
  
  192:9dCepSZADTR0a180N6B6Z+vkREt6tDcoe8P9km:9dCepSZcTRj18lB6EkyMco1t
Score

1^/10
behavioral11 behavioral12
- Target
  
  teamspeak3-server_win64/doc/server_quickstart.md
- Size
  
  35KB
- MD5
  
  616ecffe89b0ce6c2cd1df1c8b7b7b9a
- SHA1
  
  b875d6adea92ac03955f339a22c5f7b40a7d1376
- SHA256
  
  6a10660c2cec3f27aa29fb988be8e28645dddc78d8ccf20c266f58e60fd4e965
- SHA512
  
  f65417b70f5b3589134b072f930fe35f230d9d68b5f22c7711c942455f3225411171e3376218daac322644d581f0d91469a577b1c5c28be0f0237788253feb95
- SSDEEP
  
  768:/KLMvAjgRPLsxod1KJe4xHTFAOHv29hoMDa82YvD5jo+QL9cmLd+7wDXtcIfxBFR:hoAqHQfDjPJovL
Score

3^/10
behavioral13 behavioral14
- Target
  
  teamspeak3-server_win64/doc/server_upgrade.txt
- Size
  
  3KB
- MD5
  
  56b3f0b9b450f1d0eb21fda57f29d0a5
- SHA1
  
  9156cafa7fcb769af4fc9e476172db1ce17d6bac
- SHA256
  
  157bc15fc78477ed603a249c36b922748ddbfd898354d5799908ab16d7e60a70
- SHA512
  
  259750e4682f8b3822dcc2822e7e724f7029bc2404aa2fec5948d5ebbe8355aabab0a3a6b7293501f38c4ff34987871167f97d868df7dccbbbe58c9c9a9b59df
Score

1^/10
behavioral15 behavioral16
- Target
  
  teamspeak3-server_win64/doc/serverquery/TeamSpeak_Logo.png
- Size
  
  28KB
- MD5
  
  0481e496ce4b237802c13ac88cce15ad
- SHA1
  
  4f7476fa5b88db34cf30896e22feb072bbf828d8
- SHA256
  
  186bf3b2be052beef5896874990a711aca932f841741023bd280f40e31d82570
- SHA512
  
  37dc54ad8f7fa0ce085f6013123fbef985f1c8a1a142eb1446c537e8cb69fdc8e71328589eaf25f13b2c16dbb1ea5a93d4405f0a7c439563f0e4753362729624
- SSDEEP
  
  768:1a2hAsPpXOkm6zZj2cZQ1r6+Txa1iEBhmUXwH+yAAUpiR1QRDry5Yx3:1a8L5xzOlNq9jwH2Pq1qkM
Score

3^/10
behavioral17 behavioral18
- Target
  
  teamspeak3-server_win64/doc/serverquery/serverquery.html
- Size
  
  185KB
- MD5
  
  4c2e6c49653e1130b5b19478746b0212
- SHA1
  
  6a61335a416731b7e9526ba0f7ccf26a9e6978fe
- SHA256
  
  d9ebfb733c9e9bab5f109cf7780280b776b3527188214ccdb986663ca9002f64
- SHA512
  
  276d2a74b125d24ac91c21dd8362dc54bd85686d17bd2fcaa2eae7a681af681fb9e89596fa30b9a77aa68fb21f02813bbb08d8b19724daa2e4d3d7f3ee114abc
- SSDEEP
  
  1536:21D9XVhG51ypsNF6iMkG/+LERLumRB0KVs2NmaWvbnZzRBtymFDC:2K1ypT0QLlmLv9zRBtymFDC
Score

1^/10
behavioral19 behavioral20
- Target
  
  teamspeak3-server_win64/doc/serverquery/stylesheet.css
- Size
  
  4KB
- MD5
  
  53d67066d7cab073bbd40acd8c5e3e66
- SHA1
  
  63135dc28299789a4e07237c2b077b7a07853de7
- SHA256
  
  feeefb204d53979d63f36710c406d9e90e76d6066379126662f4b36b4db0419a
- SHA512
  
  072bd7c309512d8834505200a6818033eb2a3cf299ad696658db36bfc04779bd4e1a24cefae56447c11680a367e7ed62adde2ce34a27ba1b38c979cbcb70d1a3
- SSDEEP
  
  48:+GITIlyIkaIJSeZQYwNOama4aGL4CeA3t42FjE6guaG0VYT6dcpx30dC5U9W:s8lVkdJTTwNU0KjdP620WCW
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral21 behavioral22
- Target
  
  teamspeak3-server_win64/doc/update_mysql_to_mariadb.txt
- Size
  
  3KB
- MD5
  
  7ae2ee3381ed005cbcbca33b9a091f35
- SHA1
  
  0b5dbe5ec6b06fda62abb32171782d80d61923a0
- SHA256
  
  523d31fd2693958ba702bcdf15dc18352cee4fc3ca9d659b5bae6ec50f87a6b9
- SHA512
  
  d26b722e06b3518c98d49d6c32a6561145ce4fc46d2d0f53429e0f3aafaa272a7fc9e0f492789476def8451b466ff79c87295d2217f4bfce85b14f9982462442
Score

1^/10
behavioral23 behavioral24
- Target
  
  teamspeak3-server_win64/doc/webquery.md
- Size
  
  4KB
- MD5
  
  eebed99b622e0782d29b8b3e64bf3694
- SHA1
  
  e002e52db7c503ec71dbfddc9603627b829d8fc1
- SHA256
  
  0fa834fd28efc3d831b9c6ed830d4bed4dcb3955721c15a110e75f2dd17c1694
- SHA512
  
  b56d5107f7b5873a62486fbf0074996d2235879c7e4347d4fe7c2c8f116308c570a192a76fe0c89b1cd7e385742e8f0f238f45097d143c7dcd1bc885d65c2ced
- SSDEEP
  
  96:LfgrTCFcSSENx1QTVjkJYHJE0ajOb1TI16P2l/ZvUETNW/Ja:bgr2FckNbcVgKH60Bb1TG6PG/ZvUETAw
Score

3^/10
behavioral25 behavioral26
- Target
  
  teamspeak3-server_win64/license.txt
- Size
  
  66KB
- MD5
  
  b8e0751a4fa6b9f21093970c1343540e
- SHA1
  
  90d3cbbf81ce094890c2e4b3a3ff0cfcdb7f622a
- SHA256
  
  9e96b4e4c62a5e65f5e357373ed9585301c8071e81c3f84b206acb4d88ba3f71
- SHA512
  
  74fd294b88204a807c675f6534622c17300a08d37ef58fdc086a83f102d199c9cb90b11184f017e53dcc2c590aee3081120d0569561c083d9b07f0cd44d55326
- SSDEEP
  
  768:2UV3NOb7T8AFze45DDLNrzHAGmpWa9ZG8xwuwut9fuV6nsFPqZvSmmWrC8WFbNrc:joc8yWONZ5n
Score

1^/10
behavioral27 behavioral28
- Target
  
  teamspeak3-server_win64/redist/libmariadb.dll
- Size
  
  384KB
- MD5
  
  dcfa34935f0834d0910bc27177c8e907
- SHA1
  
  a1d30be2a3b2f777376e5998d0c341ead58bde95
- SHA256
  
  9baea3da01d0c99f6d7bf8a4b3f39b75f4c522ab0d89869d035f840f4691a616
- SHA512
  
  7bada9ac7264702792fed3ac32d081dab623018cea8c7a1d5d4f43783cebd5430e70cd314a375a76976a39f5390c8cd6ad2ec3a50a1cd944ee0e3489c8ad7af9
- SSDEEP
  
  6144:T5veo+5hCpFmsp2aC1DUrjVplRtBMn1cK2n2iQTB2YDCeeMhJC6tRl:FGHEFWNUHPlRrM1mnETEYDNlRl
Score

1^/10
behavioral29 behavioral30
- Target
  
  teamspeak3-server_win64/redist/maxminddb.dll
- Size
  
  25KB
- MD5
  
  9a76a7e57e61a827bb2c35989f1ecf7c
- SHA1
  
  2230cb18201e142d92c1c41d6febf6bc82177b4f
- SHA256
  
  8723316406d9f992bff975ed4c7dca09f543eba7f1b4d0f8294bf26434ea0280
- SHA512
  
  db072d6a32d5f0f56aba2f896411f5c1c1cbb9c2b043077981839de59263690528e623252b741342dca5ea8ca6ae8b72f000dd5b8f14756026980f4e9b6dce0b
- SSDEEP
  
  384:qGdfzPl+Duxn+UknN3qqhEtPoyFl7Tb2jQVCzykHHKMQGuYNT7cb2:X91+nOPoiT7uzQGuYNTF
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32