General

  • Target

    TTRInstaller-v1.5.10.exe

  • Size

    36.0MB

  • Sample

    240607-dwzc3sgh5s

  • MD5

    9ad1b1909b26dea70f1fa99ddf14c9f4

  • SHA1

    5319bdba6dab8ce2c0dbf9e33fbad3949240e32e

  • SHA256

    e8bf8e8fdeb3a3608338be42b4d3a7f27b8a091025d3bd4f0ea1609105c3f6d6

  • SHA512

    0b02e0f2c983bdd9edbb65bb73d47b47a43e95be5c3b76f40bb189e206bac733cd0e19465bbba310eb4987664dfa5d541fcafb7a0fffe022eef75a2fbaba2435

  • SSDEEP

    786432:mjFMZRf/DVypSkVZhb3VmeUAdzhbjpCw9A2pk5G73vIhCDlsfzsc:mjFOfroMkVXovAdzhbdp9pk50fISs7sc

Targets

    • Target

      TTRInstaller-v1.5.10.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $PLUGINSDIR/AccessControl.dll

    • Size

      15KB

    • MD5

      d74bb4447af48da081c7d9b499f3a023

    • SHA1

      dadf6e140e6fd8e49a1851cc144bb022e0adb185

    • SHA256

      5fd5d8aec97cffaad9b7df6371b348d436cf1401e86fab614dc4cb8575428e52

    • SHA512

      9a15de5c6b08914f5e5bbc1c318fb0e84da28a316cf51ccddca8dfb64cd67b7ad06acac307b41d5086a0740055d327007ff890807d6853bb2e767179a3b3d758

    • SSDEEP

      192:0hdGZ2E0hm+Gc7ROMzCPvXWROt086dXHGrEKcDDi0b5ZsgMgiCXyo1Fp01eLLuIt:0hdGZ2E0YWV2908oj21ILud8

    • Score

      3/10

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      d095b082b7c5ba4665d40d9c5042af6d

    • SHA1

      2220277304af105ca6c56219f56f04e894b28d27

    • SHA256

      b2091205e225fc07daf1101218c64ce62a4690cacac9c3d0644d12e93e4c213c

    • SHA512

      61fb5cf84028437d8a63d0fda53d9fe0f521d8fe04e96853a5b7a22050c4c4fb5528ff0cdbb3ae6bc74a5033563fc417fc7537e4778227c9fd6633ae844c47d9

    • SSDEEP

      192:EyGQtZkTktEQUrJaZfuyCnSmUsv3sY7L7cW8Y6Q86QvoTr11929WtshLAzgSrX8:EyNt+4t7uJalUnGesY7Lt8nCr/Yosa

    • Score

      3/10

    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      7KB

    • MD5

      a8c86996c4230c2209f5927f21321377

    • SHA1

      45ce0ab93cb6a3a594e54878cce05df724024393

    • SHA256

      110545415a59402635e1c9439acba15b44bab268ed02ad2a262ce12604a47855

    • SHA512

      69ee73496b916777936b0dddd2cc4a4f916e393f7d0b167cba77a4a239ee1e3f645d9b90dee1627c42a23eb6c3403e4d086546b9f78b3a2e4999c8f92f6a3bc3

    • SSDEEP

      96:mIt3J2Gl0eVe0+Cfo0UkXt6+o69UiGdPh5/utta/23lkCTcaqHCI:bhE+A0+sF6piUFkAylncviI

    • Score

      3/10

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      4add245d4ba34b04f213409bfe504c07

    • SHA1

      ef756d6581d70e87d58cc4982e3f4d18e0ea5b09

    • SHA256

      9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706

    • SHA512

      1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d

    • SSDEEP

      192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr

    • Score

      3/10

    • Target

      $PLUGINSDIR/nsProcess.dll

    • Size

      4KB

    • MD5

      f0438a894f3a7e01a4aae8d1b5dd0289

    • SHA1

      b058e3fcfb7b550041da16bf10d8837024c38bf6

    • SHA256

      30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11

    • SHA512

      f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7

    • SSDEEP

      48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj

    • Score

      3/10

    • Target

      Launcher.exe

    • Size

      36.1MB

    • MD5

      6b1403743fe40c61099ab7c353320062

    • SHA1

      fbd14c4f6201d67eb54232f3e29728d5be4b0f7c

    • SHA256

      20bb5cccd76392e06046fca45d0258472e0a81151002e730cd4430f1ddcf6a2f

    • SHA512

      6409ad4dd07ee48ce66273cdf4b6464a5e527b8bce3579c0cba15d9e110a266c30f4d76cb1c38ae6292d5b522917cb3c1b1fd9546149d11215b6114b5a0c7be7

    • SSDEEP

      786432:wAcKKRu9l1hjphrcTfxCHlvMMeueh85HRWGlso5EYWtVLUJwEsqibLq/:wAyw7vjbrKx8vYuehCxZd5ETlUfDifq/

    • Score

      7/10

    • Loads dropped DLL
