394367fbf7fcaed9fce1ed15d17329b644538e5e1b7f5fa7b3ff55ca2d6ce658

Sharing

Copy URL

Twitter E-mail

General

Target

1.2.6.0.zip
Size

18.3MB
Sample

240619-vntajavbph
MD5

7832f20352027c56624f7ee3de650179
SHA1

2d6e888acf08a3c274f4baafde6ae9119eb7f786
SHA256

394367fbf7fcaed9fce1ed15d17329b644538e5e1b7f5fa7b3ff55ca2d6ce658
SHA512

219d226e7c1d17420741dd6d1f519857e344b953f0a51f474646b3ce5efc6e7f1ef224aa67f9f0be8a7d9c3fbb98265d5c743b2ba9c13383d2ef60250857f6a9
SSDEEP

393216:DgbdmZZ0Jwuppkm/mC5DcaEbKVbDV5Hr+xphLg4H7OnaSBY8USJ1vBn86a9kWtw:sbY0hpk+jNcYBjHr+JLgwyaSBNH3vRXV

Score

3^/10

execution

Malware Config

Targets

- Target
  
  1.2.6.0/run.dist/tcl/word.tcl
- Size
  
  4KB
- MD5
  
  70450a0cf04ef273eff2b070053fcfa6
- SHA1
  
  47974d6c0fc986ee1273c4e13ddb9e1288cef0ff
- SHA256
  
  678f891615e2209a8ecba17857922a9723e78709adb983032e89ca706000c44d
- SHA512
  
  afd3e47324d1497cc46ac6141191fceb843977d0b0285c807ff8985dcc56fde10977f57d503d986cd2c1edc6c62f01e405a0eb483340b247b129fc8d6d9fe689
- SSDEEP
  
  96:HgTQWiZuhdFQJmuldFQofsGP3R1hF9Dl19arB0E9Dl1YoaEhHe2Gu/q1ZFyJRpqk:8iZUroxvR197ABr971h5GIqrmbqIc+b/
Score

1^/10
behavioral1 behavioral2
- Target
  
  1.2.6.0/run.dist/tcl8/8.4/platform-1.0.19.tm
- Size
  
  11KB
- MD5
  
  a0b269d76db613c2d927efa84fee88e2
- SHA1
  
  f9c7ad375f4d4223f0668fa1e2c4e5a83cac2d03
- SHA256
  
  32348d51f3637f375b056fe99e9b4d89d85d45db907847dc370bd72812a2e2fe
- SHA512
  
  5427762147825dc2ed3feee4011bbf2100932a4d93f3242ccad15499c9dc39f42a82aeb42ed5db5839560cd7aae5d30621ac3694552ffc650a1f572cee32fa54
- SSDEEP
  
  192:rXlm2LnoZ7k2mOEhYoKVtWD2xLsmF+MNlPQ4lJ+B0O0DgryYY/+zy7go:rXlm2Lng7kvF2VtWD2xLeMNT+B0O0Urk
Score

1^/10
behavioral3 behavioral4
- Target
  
  1.2.6.0/run.dist/tcl8/8.4/platform/shell-1.1.4.tm
- Size
  
  6KB
- MD5
  
  8abc3029963e433d1d9865aaa7e1057b
- SHA1
  
  a88091dc98b2fd0ae3a258b59f8be43f41f04323
- SHA256
  
  0a6b4b109cfdfc4b40fbdefdb2282f9b1af3cc2f9624dd39958eebd78781afb2
- SHA512
  
  d5068375615a2200ddc13eeb852b2e21b7e4aa416fb7a0e97c98b8b106d7701792c523739e8bf266d2abe411d4298a0b5b3884cfb9df820fd4a2b61b22f9decf
- SSDEEP
  
  192:PV5U+VLnNUPVvH+knNUPVUHD5ngWftN+IgMufIdqi+g0SYiCXVDjqL:Nm6MFXN5uwq51iCFD2
Score

1^/10
behavioral5 behavioral6
- Target
  
  1.2.6.0/run.dist/tcl8/8.5/msgcat-1.6.1.tm
- Size
  
  34KB
- MD5
  
  bd4ff2a1f742d9e6e699eeee5e678ad1
- SHA1
  
  811ad83aff80131ba73abc546c6bd78453bf3eb9
- SHA256
  
  6774519f179872ec5292523f2788b77b2b839e15665037e097a0d4edddd1c6fb
- SHA512
  
  b77e4a68017ba57c06876b21b8110c636f9ba1dd0ba9d7a0c50096f3f6391508cf3562dd94aceaf673113dbd336109da958044aefac0afb0f833a652e4438f43
- SSDEEP
  
  768:m3xQvCzasI/rHPG2yfkZ0Kbh91iQ3Lnq5MIVYB8mbgijsPIWtw4qvUm:4xQvCzasIDHPG2yW0kJ32imXmUij6JjG
Score

1^/10
behavioral7 behavioral8
- Target
  
  1.2.6.0/run.dist/tcl8/8.5/tcltest-2.5.5.tm
- Size
  
  105KB
- MD5
  
  655ec828777244f9f048e0d08203482f
- SHA1
  
  790446d04fe7be12fd5dcf6e6fbd4c5a08c45c98
- SHA256
  
  35a88f56df57e6ac6f2ccc4d193210fbb9bd224ac99670603e077ddf8c5610bc
- SHA512
  
  c249caa5da76a0b0876dd1bd201ff2d249d4fcd8467992c9de51ba5a1c5471f98c10d69c46df5b25dba7941f4301b446d90cbf17bccfb8b0ed27b22bf4da20f3
- SSDEEP
  
  3072:74s6YTLsaoi4N8uBPM5PP9AlGXJL/ciBh:7N6Y9oi4N8uBPM5PP9AYXJL/ciBh
Score

1^/10
behavioral10 behavioral9
- Target
  
  1.2.6.0/run.dist/tcl8/8.6/http-2.9.8.tm
- Size
  
  115KB
- MD5
  
  acb85feb97b27f1362e1d76b686d498f
- SHA1
  
  92c370f838bd67c72e153fbf7ad05e26ff40a393
- SHA256
  
  7a30e7a49c1f6939537eb7a80cf2f5bc7a4969f2b2ad99ba4e26db85bbc2fcc7
- SHA512
  
  ea504863386817e1b21549376148fd05c7eaf74f91a3a8da97efcf3784530ed3cf1910df9b2431ec47d1175759cdeb1a0e9e9e02bba94ec2123eafb7cbd2b90a
- SSDEEP
  
  1536:RYY1IO/KuUhIW17zr1DLJuuBuFsj6aIsGc3e6xGxjndp72y4ebBxIQ30Ik:RbyOCuUv9r5LJmsjlxTxGxjndpCBeAQ0
Score

1^/10
behavioral11 behavioral12
- Target
  
  1.2.6.0/run.dist/tcl86t.dll
- Size
  
  1.7MB
- MD5
  
  b0261de5ef4879a442abdcd03dedfa3c
- SHA1
  
  7f13684ff91fcd60b4712f6cf9e46eb08e57c145
- SHA256
  
  28b61545d3a53460f41c20dacf0e0df2ba687a5c85f9ed5c34dbfc7ed2f23e3e
- SHA512
  
  e39a242e321e92761256b2b4bdde7f9d880b5c64d4778b87fa98bf4ac93a0248e408a332ae214b7ffd76fb9d219555dc10ab8327806d8d63309bf6d147ebbd59
- SSDEEP
  
  24576:+AZ2kQrvqkPY6i6ktWc2uMOxmWu1/0lglMkgshwlfjwtorWy2eMdPhOC9JlQ5ZDA:+A0W9jEoSy2nd9JlQjaq5vWHZ7XM2eDu
Score

1^/10
behavioral13 behavioral14
- Target
  
  1.2.6.0/run.dist/tk/bgerror.tcl
- Size
  
  8KB
- MD5
  
  c5e9a2e32ae83a79df422d1145b692df
- SHA1
  
  08350f930fb97a95970122920c91fb9ced8329e9
- SHA256
  
  8822365ee279bebf7a36cfdedba1114762f894781f4635170cc5d85ff5b17923
- SHA512
  
  71420e15a3d63329560074f6ffad42cb464401284bc29d0dc8e34d83f8f77079f26bb4c5703e656a48e6931c3dbf6b873756fb212d0860483e0301b29ede1212
- SSDEEP
  
  192:RpwYLapGk1BlM4UBIHpJFVUXUziMJ5Kxyk55qxUr7Vdk5vNR:RuYfvMdOXyj+01f
Score

1^/10
behavioral15 behavioral16
- Target
  
  1.2.6.0/run.dist/tk/choosedir.tcl
- Size
  
  9KB
- MD5
  
  818e4f0112931f12b4fac4cad262814c
- SHA1
  
  ac7060df952f9db52c3687b8f5e6aa4adf06992e
- SHA256
  
  35b208e8570b0d1e0ca1c911d4fe02ee3b0cfe5667cf1bdec006cf9d043122ba
- SHA512
  
  0c535b6621bc83412b7a64cb6ac2ba526b8e49bb5f6bc5ebeda41d223d68deb031db9c8a31f8671bc5f327d720942e7fdae3328334b0b550ac991191f96909d6
- SSDEEP
  
  192:HKOdkMpU9YUp8UIhMYYicln9Die0luVZat3pIp5Y3sF1P8Bg8p6trIOzvKsOiCLU:HyMm9J8wPx70luex4C8Fygq6tohef+0J
Score

1^/10
behavioral17 behavioral18
- Target
  
  1.2.6.0/run.dist/tk/clrpick.tcl
- Size
  
  21KB
- MD5
  
  ad86e0265c307348a16e9e4b64d8f235
- SHA1
  
  66ec6726df997ee6096f642ebbbdb8c3201ba571
- SHA256
  
  d210dcfa9adb4c23e44ebf744839158cab4e21eacf9483c6ba91ba6ec4660eb8
- SHA512
  
  a0c9df815fe54c26eed69c84b29fd829eb1b7e43d2787e98c71d091607226532f6f0e9213e83ff8263fcb6da892178029d5ef475fd46d22f9bb8ab31b87bf438
- SSDEEP
  
  384:lJGidpe3JQDUd6hgp6EQstzQf+a9DPbS43/H//cO802UeeVnZmM6BA0kyVJv9Qpu:Gep6JCwQDPbLPaRCzTdMAe
Score

1^/10
behavioral19 behavioral20
- Target
  
  1.2.6.0/run.dist/tk/comdlg.tcl
- Size
  
  8KB
- MD5
  
  abf277e4f62423f4345b6ad65640b8c2
- SHA1
  
  e66a4e37d51c7827c9aca449a42e0966aacbc8c8
- SHA256
  
  c7da292ccf5f413e599c3491c331ffd58cf273f8477facb097e6f36cf1f32a08
- SHA512
  
  aa9f75d7c5c915b5fcd2f454856d080d186ab9ba149dc139feaf7f4ac3dc51e6769e138e3b1be45b3fec3ae744189de44db2b748f0628ff13e4e733b9cd68bd5
- SSDEEP
  
  192:u4R7+/gFw/MEN55fO7eyjt4bjC+gR8e3vwLln/+LVtUw0tXK4jA:u4l+/gFeMI55Xyjt4bjC+gOe3Ih/+LV1
Score

1^/10
behavioral21 behavioral22
- Target
  
  1.2.6.0/run.dist/tk/listbox.tcl
- Size
  
  14KB
- MD5
  
  804e6dce549b2e541986c0ce9e75e2d1
- SHA1
  
  c44ee09421f127cf7f4070a9508f22709d06d043
- SHA256
  
  47c75f9f8348bf8f2c086c57b97b73741218100ca38d10b8abdf2051c95b9801
- SHA512
  
  029426c4f659848772e6bb1d8182eb03d2b43adf68fcfcc1ea1c2cc7c883685deda3fffda7e071912b9bda616ad7af2e1cb48ce359700c1a22e1e53e81cae34b
- SSDEEP
  
  384:apDYV5Yupn5OcckwBv3HCpg2J8JvJBfWeZhXkz+WkHGowv:aPPkevB2JuvJ9D3XmSc
Score

1^/10
behavioral23 behavioral24
- Target
  
  1.2.6.0/run.dist/tk/megawidget.tcl
- Size
  
  9KB
- MD5
  
  d83ed6ac2912900040530528a0237ab3
- SHA1
  
  2d18e42a8b96c3d71c1c6701010fdf75c1e6d5d8
- SHA256
  
  848258b946c002e2696ca3815a1589c8120af5cc41fbc11bbd9a3f5754cc21af
- SHA512
  
  00b4cd0d58029fc37820c163a4ae1dead22fb5c767bdc118659eace26d449c362189611dfb3fab1ac129fabfec2ce853ea2c10d418fae5aeb91ddc9330ff782d
- SSDEEP
  
  192:mvEEVwjVwqOpOLbkVAg/vyKEZ25YbKZbwrmQ:mvEEVwJwpALPgnyx25YGZkr3
Score

1^/10
behavioral25 behavioral26
- Target
  
  1.2.6.0/run.dist/tk/menu.tcl
- Size
  
  38KB
- MD5
  
  b7daa21c1c192b8cb5b86cbd7b2ce068
- SHA1
  
  ae8abf9017f37ccdf5d0d15de66bb124a7482ba0
- SHA256
  
  312af944a276cdbf1ee00757ef141595670984f7f13e19922c25643a040f5339
- SHA512
  
  b619e3b8be5ec4545e97b7a7a7f7fecc2aafa58438f9ca3819f644720cf5ff5c44da12ac25988570e595d97cad799f87d93c24d5e67a7a953b9f5312952fbeb6
- SSDEEP
  
  768:NKJsO8O4IzOQjJwxzire5pKVjriecYyq4CpKgnP:NKJsO8iOQizire54lriecYf40
Score

1^/10
behavioral27 behavioral28
- Target
  
  1.2.6.0/run.dist/tk/mkpsenc.tcl
- Size
  
  30KB
- MD5
  
  983c7b78f1a0ebacab8006d391a01fcd
- SHA1
  
  7ea37474ea039ed7a37bfdd7d76eae673e666283
- SHA256
  
  c5bdca3aba671f03dc4624ab5fd260490f5002491d6c619142ccf5a1a744528a
- SHA512
  
  a006ef9b7213e572f6fc540d1512a52c52fec44e3a07846de09662ae32b7191c5cf639798531847b39e4076bf9dd6314b6f5373065c04f4fef221185b39c3117
- SSDEEP
  
  768:+c4g8rSnBGzHsGK83Ch0x/0kmSq6O4+rNfPCpM2sEmqKys3pCJxi5dEaY:+c4g8OnBGzBK83Ch0x/0FSq6OnrGM2h3
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  1.2.6.0/run.dist/tk/msgbox.tcl
- Size
  
  16KB
- MD5
  
  217087ab6b2a8f9d7252e311d69c3769
- SHA1
  
  09aeb2bc5b7c7f4ab3de4211d786c519ae0970f6
- SHA256
  
  a07e3a3809ced3c6c9c1e171dca5ad1f28357734cd41b2b9dd9f58085b3d2842
- SHA512
  
  6e57633c924bfc16d380c014c20dd24d5727e70d4843fcec4d7995b4db21941ea8f2a5fd6e5386df3364b6905d4d66b2b9595dc8fc70cff40a2d49a92a1b6fba
- SSDEEP
  
  192:+haZOxBpK8uxGe4V88/wxY3Fxqipz4zz4zxxFzxT4OcErDxqdRRZeuC/Vj2CoopC:+hRWRG3FFjvsfCoopwITHzLHFHHAABs
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32