General
-
Target
TTRInstaller-v1.5.10.exe
-
Size
36.0MB
-
Sample
240607-dwzc3sgh5s
-
MD5
9ad1b1909b26dea70f1fa99ddf14c9f4
-
SHA1
5319bdba6dab8ce2c0dbf9e33fbad3949240e32e
-
SHA256
e8bf8e8fdeb3a3608338be42b4d3a7f27b8a091025d3bd4f0ea1609105c3f6d6
-
SHA512
0b02e0f2c983bdd9edbb65bb73d47b47a43e95be5c3b76f40bb189e206bac733cd0e19465bbba310eb4987664dfa5d541fcafb7a0fffe022eef75a2fbaba2435
-
SSDEEP
786432:mjFMZRf/DVypSkVZhb3VmeUAdzhbjpCw9A2pk5G73vIhCDlsfzsc:mjFOfroMkVXovAdzhbdp9pk50fISs7sc
Behavioral task
behavioral1
Sample
TTRInstaller-v1.5.10.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral2
Sample
$PLUGINSDIR/AccessControl.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
Launcher.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
TTRInstaller-v1.5.10.exe
-
Size
36.0MB
-
MD5
9ad1b1909b26dea70f1fa99ddf14c9f4
-
SHA1
5319bdba6dab8ce2c0dbf9e33fbad3949240e32e
-
SHA256
e8bf8e8fdeb3a3608338be42b4d3a7f27b8a091025d3bd4f0ea1609105c3f6d6
-
SHA512
0b02e0f2c983bdd9edbb65bb73d47b47a43e95be5c3b76f40bb189e206bac733cd0e19465bbba310eb4987664dfa5d541fcafb7a0fffe022eef75a2fbaba2435
-
SSDEEP
786432:mjFMZRf/DVypSkVZhb3VmeUAdzhbjpCw9A2pk5G73vIhCDlsfzsc:mjFOfroMkVXovAdzhbdp9pk50fISs7sc
Score: 7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
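Looks up Uninstall key entries in the registry to enumerate software on the system. Installers also commonly read these keys to detect an existing installation, so this signature on its own does not indicate malicious intent.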
-
-
-
Target
$PLUGINSDIR/AccessControl.dll
-
Size
15KB
-
MD5
d74bb4447af48da081c7d9b499f3a023
-
SHA1
dadf6e140e6fd8e49a1851cc144bb022e0adb185
-
SHA256
5fd5d8aec97cffaad9b7df6371b348d436cf1401e86fab614dc4cb8575428e52
-
SHA512
9a15de5c6b08914f5e5bbc1c318fb0e84da28a316cf51ccddca8dfb64cd67b7ad06acac307b41d5086a0740055d327007ff890807d6853bb2e767179a3b3d758
-
SSDEEP
192:0hdGZ2E0hm+Gc7ROMzCPvXWROt086dXHGrEKcDDi0b5ZsgMgiCXyo1Fp01eLLuIt:0hdGZ2E0YWV2908oj21ILud8
Score: 3/10
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
15KB
-
MD5
d095b082b7c5ba4665d40d9c5042af6d
-
SHA1
2220277304af105ca6c56219f56f04e894b28d27
-
SHA256
b2091205e225fc07daf1101218c64ce62a4690cacac9c3d0644d12e93e4c213c
-
SHA512
61fb5cf84028437d8a63d0fda53d9fe0f521d8fe04e96853a5b7a22050c4c4fb5528ff0cdbb3ae6bc74a5033563fc417fc7537e4778227c9fd6633ae844c47d9
-
SSDEEP
192:EyGQtZkTktEQUrJaZfuyCnSmUsv3sY7L7cW8Y6Q86QvoTr11929WtshLAzgSrX8:EyNt+4t7uJalUnGesY7Lt8nCr/Yosa
Score: 3/10
-
-
-
Target
$PLUGINSDIR/StartMenu.dll
-
Size
7KB
-
MD5
a8c86996c4230c2209f5927f21321377
-
SHA1
45ce0ab93cb6a3a594e54878cce05df724024393
-
SHA256
110545415a59402635e1c9439acba15b44bab268ed02ad2a262ce12604a47855
-
SHA512
69ee73496b916777936b0dddd2cc4a4f916e393f7d0b167cba77a4a239ee1e3f645d9b90dee1627c42a23eb6c3403e4d086546b9f78b3a2e4999c8f92f6a3bc3
-
SSDEEP
96:mIt3J2Gl0eVe0+Cfo0UkXt6+o69UiGdPh5/utta/23lkCTcaqHCI:bhE+A0+sF6piUFkAylncviI
Score: 3/10
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
12KB
-
MD5
4add245d4ba34b04f213409bfe504c07
-
SHA1
ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
-
SHA256
9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
-
SHA512
1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
-
SSDEEP
192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score: 3/10
-
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
4KB
-
MD5
f0438a894f3a7e01a4aae8d1b5dd0289
-
SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6
-
SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
-
SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
-
SSDEEP
48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score: 3/10
-
-
-
Target
Launcher.exe
-
Size
36.1MB
-
MD5
6b1403743fe40c61099ab7c353320062
-
SHA1
fbd14c4f6201d67eb54232f3e29728d5be4b0f7c
-
SHA256
20bb5cccd76392e06046fca45d0258472e0a81151002e730cd4430f1ddcf6a2f
-
SHA512
6409ad4dd07ee48ce66273cdf4b6464a5e527b8bce3579c0cba15d9e110a266c30f4d76cb1c38ae6292d5b522917cb3c1b1fd9546149d11215b6114b5a0c7be7
-
SSDEEP
786432:wAcKKRu9l1hjphrcTfxCHlvMMeueh85HRWGlso5EYWtVLUJwEsqibLq/:wAyw7vjbrKx8vYuehCxZd5ETlUfDifq/
Score: 7/10
-
Loads dropped DLL
-