e06e7863d70d633589135d5f8801a19b09280d6bfb34cb3dec65d74ebebf6633

Sharing

Copy URL

Twitter E-mail

General

Target

3f88e738a3ed1ad2aaab07b474da5910N.exe
Size

1.4MB
Sample

240714-3hwgpszelc
MD5

3f88e738a3ed1ad2aaab07b474da5910
SHA1

76c34461c171634f56ffb1335fead35d9f5878f2
SHA256

e06e7863d70d633589135d5f8801a19b09280d6bfb34cb3dec65d74ebebf6633
SHA512

bf5ba94b2f4253323f8484c899914c56847276cdd332ea0e46fc8cc08666337182a8ccc181b0528a865657cfc3414bfffabbfec795da48c5a4c9e01c4c54afd5
SSDEEP

24576:pmJJvwT8n4ZytMAgrvqGM0Vv0EnTd242/qZTIFHUe30/UeqxjYdnwAyRTnFlGl8n:pcAJZyNMz0YyqZ0FHXpRDGkDk8

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3f88e738a3ed1ad2aaab07b474da5910N.exe
- Size
  
  1.4MB
- MD5
  
  3f88e738a3ed1ad2aaab07b474da5910
- SHA1
  
  76c34461c171634f56ffb1335fead35d9f5878f2
- SHA256
  
  e06e7863d70d633589135d5f8801a19b09280d6bfb34cb3dec65d74ebebf6633
- SHA512
  
  bf5ba94b2f4253323f8484c899914c56847276cdd332ea0e46fc8cc08666337182a8ccc181b0528a865657cfc3414bfffabbfec795da48c5a4c9e01c4c54afd5
- SSDEEP
  
  24576:pmJJvwT8n4ZytMAgrvqGM0Vv0EnTd242/qZTIFHUe30/UeqxjYdnwAyRTnFlGl8n:pcAJZyNMz0YyqZ0FHXpRDGkDk8
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/ProcDll.dll
- Size
  
  63KB
- MD5
  
  ca5fe462579bce3707666a8c656105df
- SHA1
  
  5dea6f63e173da570590608a8a4c6e9ac523a6df
- SHA256
  
  6c4b8dd9e61c62cdb8e53e9cfb18aa1a980180fb9156371c47745e4292a9d2d8
- SHA512
  
  83f1939441186a83b4adf1e0f38a3d3947b8c6aa51839eab1ae496e154eb2742b2b07be37e97bfea68e24fffd7b7740f503aec5f718b6a037889f11bddf955a8
- SSDEEP
  
  1536:D2hKE2+c+aal9aRK+o0zfYUplU8wMIsCvpJxhV:Dkc+aaIKmftU8ZIsCTxhV
Score

3^/10
behavioral3 behavioral4
- Target
  
  $_2_/MiniQQDL.exe
- Size
  
  201KB
- MD5
  
  3063dcc85aaf2789dc05d64349b04f60
- SHA1
  
  df0f098bb8d8f8fdc7794632a5f0746413cad50e
- SHA256
  
  ff00cb35393d600040be9c3bd363890e13188a257114c07dfe1f6f06e5f0d6f1
- SHA512
  
  7b9f56d348f420275a3788cf86fcb8ed5451a2c4b0961c51fa2144ad995c4ad66512ab34888065c8b1ac1b1c959183b86c0772e3c97507454a7a24beef2c9f32
- SSDEEP
  
  3072:4It9PPcuohxF7qGFAgAQb++ygfN9EVaN0+t9VPuFbwiiOvLhIVqj:4kcL5qr0vKVaC+rPaciiOVQqj
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral5 behavioral6
- Target
  
  $_2_/TenioDL/TNProxy.dll
- Size
  
  381KB
- MD5
  
  d5922567a24fc0dd563640c7c58f207b
- SHA1
  
  b8927d8a8b495a1e3900bc798fe13828e7119e43
- SHA256
  
  4050849dee043613c252d5f684092b54dac355943b95e16789bc982c3ab60683
- SHA512
  
  4fe661cc655e3f69e3010f9e081522cbd2e9b0604d72dbdf83ac4edfefaf1ff1aa3e4e431e214950620fa7b752a1f41be433319ff20551bbb1f1828ed023ad42
- SSDEEP
  
  6144:tzJn4huTMjHzBYFHiAr2io6E9XocLlDL3VjZYdnEnWOQrunDqUNu:YuTuArXoh9jLln3VWdnEnWOQrunWou
Score

1^/10
behavioral7 behavioral8
- Target
  
  $_2_/TenioDL/TenioDL.dll
- Size
  
  261KB
- MD5
  
  a162db275914a5c7adcebf845af9fd07
- SHA1
  
  92b24aa4047876c0b7109ad5b0b595de3369fdc2
- SHA256
  
  923f5a90bc36564cb8f8b4107e3f0a46b797d9fa737e8533c8b9acc183c78162
- SHA512
  
  e4190800e07cb71b812e3e74d0a83a13fd5b3c5d764cb4c6deb49100a7040f48c55d518809c9d4ae20564b7ba2419a02c0ab716d3ac540e141f6ef440a267da2
- SSDEEP
  
  6144:ddefgHzZ+ApbWHTrc5Gh3wZmWTBc9sODOJ1gAowU7Oa5Y:ddUgTjbWzrcstwZmWTmEjgAowKY
Score

1^/10
behavioral10 behavioral9
- Target
  
  $_2_/TenioDL/TenioDL.exe
- Size
  
  333KB
- MD5
  
  ce472064b917fdd429b07d10880c487f
- SHA1
  
  0c092116d67a5447f1f632c4e0e65a3b516a892c
- SHA256
  
  bdf2209a2cb6a7b9c3a0be4a7a0abdf988f446a4232973c6204ee2e4a2ed632a
- SHA512
  
  2b158fc4498e3756c17c8b44d2fc2464d62c639b6d425e72301c0f9b6f359a67e011d647c8de698c9e794cef0e65cb9efda34b63ed060611d97b0eadbf3c88d7
- SSDEEP
  
  6144:9TqmoyUiZ4Q5ihITwRYoOhQYtm5p4qpBtV/A5MGdTKLUaAxkBbOC+OJOh69A:9loyDZ4Q5ihRYEYtm5p4qpBtVo5MGdTh
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Modifies file permissions
  discovery
behavioral11 behavioral12
- Target
  
  $_2_/TenioDL/atl80.dll
- Size
  
  94KB
- MD5
  
  3c7def3cbbca6284867aa4621d5d8a54
- SHA1
  
  4bd9852f1f063b9fd1e1829b756d381e14609fa7
- SHA256
  
  db18738202dcda842dce505ecd0b858d7b4c55886cac29827305f0dc3839143a
- SHA512
  
  1f9e89114a579bbb0c175d5fb587d58a923a0f556361b2f6c5ae3ffeb139539733e46edb3df1627fa630d5bc80cdf5ff311ca75754ca306345569cd48f51f2c4
- SSDEEP
  
  1536:RCYlLTNQQ/Nucs4hRKF+HnLoRsV1TlWh8XhylIjwaCi6imXmwxCU4tkm:R7LTNzNup4hAQHnLP+VXmwxCtk
Score

1^/10
behavioral13 behavioral14
- Target
  
  $_2_/TenioDL/bugreport.exe
- Size
  
  273KB
- MD5
  
  365d266b98414bf164e2e0e33c944bce
- SHA1
  
  f8b76f222b404efb3c6b66053b86f0fbb5d51d54
- SHA256
  
  ec9269d5c79f40e04609b33ba6f9fabe41681b17a906ebce9e7ff76207b6f65e
- SHA512
  
  3aa60ea1c6f72cc7ee9d851f629ad2e247fa86ab7f8a7683b0de962902a9760dda233889a8eb9a097055ea6bd242623718ea7f3cd4be5005390a713142a18bdf
- SSDEEP
  
  3072:HIYPuy0BgFx6AfRz10Td72Sn4UvHbZ0IspRgNSSTBfQwgtXFn/qewqMfNdabc:CQxrzOTp5pbdZNSSTB8MqMf2c
Score

1^/10
behavioral15 behavioral16
- Target
  
  $_2_/TenioDL/msvcp80.dll
- Size
  
  536KB
- MD5
  
  4c8a880eabc0b4d462cc4b2472116ea1
- SHA1
  
  d0a27f553c0fe0e507c7df079485b601d5b592e6
- SHA256
  
  2026f3c4f830dff6883b88e2647272a52a132f25eb42c0d423e36b3f65a94d08
- SHA512
  
  6a6cce8c232f46dab9b02d29be5e0675cc1e968e9c2d64d0abc008d20c0a7baeb103a5b1d9b348fa1c4b3af9797dbcb6e168b14b545fb15c2ccd926c3098c31c
- SSDEEP
  
  12288:Q1HyurvZ0JPjuTtSu86th1n/hUgiW6QR7t5j3Ooc8NHkC2eo:Q1HyurvZ0liTwuhtjnj3Ooc8NHkC2eo
Score

1^/10
behavioral17 behavioral18
- Target
  
  $_2_/TenioDL/msvcr80.dll
- Size
  
  612KB
- MD5
  
  e4fece18310e23b1d8fee993e35e7a6f
- SHA1
  
  9fd3a7f0522d36c2bf0e64fc510c6eea3603b564
- SHA256
  
  02bdde38e4c6bd795a092d496b8d6060cdbe71e22ef4d7a204e3050c1be44fa9
- SHA512
  
  2fb5f8d63a39ba5e93505df3a643d14e286fe34b11984cbed4b88e8a07517c03efb3a7bf9d61cf1ec73b0a20d83f9e6068e61950a61d649b8d36082bb034ddfc
- SSDEEP
  
  12288:6Fqi2VC1J7Zs7a5zchr46CIfsyZmGyYCqeC:6Ui2C1JdoiEdmGyYu
Score

1^/10
behavioral19 behavioral20
- Target
  
  $_2_/TenioDL/p2papi.dll
- Size
  
  437KB
- MD5
  
  5120752765a11e1a4d71e6c9d6f2a720
- SHA1
  
  18cdb039a788e64be485d8c242a9eb2761e87826
- SHA256
  
  f23545448f055dee379dee42ed95c9b7b6d7d8a1558814ec44544c0eda2f3797
- SHA512
  
  fd53007a369f3fd49b2ae6fdfeacb78253bcbae1015dd6770232be3e8c9f3634928129084bead359cf6befb6473d371e798de0a8d09b19f2697e5a83ee3b6af4
- SSDEEP
  
  6144:rEu//6tJyy68NRHTYXRnoMCcpqW+kfTTBqBGpsTOA0PmpTHt:4dtJyy68NRHMiMQWVfTTsBG9mht
Score

1^/10
behavioral21 behavioral22
- Target
  
  $_2_/TenioDL/p2papp.dll
- Size
  
  169KB
- MD5
  
  1fe9e12c790cba0013e96c7f7b805366
- SHA1
  
  296aff428041ee5718dd2cefea89144077063b1c
- SHA256
  
  69c24cca97afaf85d8b77ea1b8c4b56a3dae255973aeafd00c588c438f5c0fb6
- SHA512
  
  4f63aa0041cb0de5dc96efeff1eeec6ab0f7d1418f8af0d78a12c3ef3892257211a860008ba17abd435c08cef542d1c93650522f7673406dc1d1f84b613d9251
- SSDEEP
  
  3072:0UFdQ65k6e3f88gV4aoWTBfPvqCVOgLxJKnQL:/r5kg8faoWTBvqCVOgzIQL
Score

1^/10
behavioral23 behavioral24
- Target
  
  $_2_/TenioDL/p2pcore.dll
- Size
  
  445KB
- MD5
  
  0b85695db97bc8fd031032d92a087292
- SHA1
  
  7b3a60eb255292b565912d7661cc1d7cc9dedc20
- SHA256
  
  e4df17519d39d292d36e785786198e84d1f0b9b6ce868ce374bb28c82507b397
- SHA512
  
  1ff3af7e2d0d62a5ed94104b9c59529103a59619fc623206f20be56fb916f33b30f81e8a1ec306b7d920440343f5f5827f8d9de56a61765fb2b4f0b52a5c89f5
- SSDEEP
  
  6144:BNv7aTHbkmR6C0YaaLRqDR2aygBPX42/sRSbSzOABOs4Z:rTaLNwxaLwDR1yiPX4dRCNZ
Score

3^/10
behavioral25 behavioral26
- Target
  
  $_2_/TenioDL/p2pdata.dll
- Size
  
  293KB
- MD5
  
  0a8116b1e43842e3c80283f92995d40b
- SHA1
  
  ea38ce4eb1e6f80ff3e94afa87ac8ae7e5133018
- SHA256
  
  5a6d5c77bd731243ae23161bf9717fd93a505d944a32233595e55a16507d82a8
- SHA512
  
  294dd800fb7e2c7e9721369cb02293fdd4da33a7ce4cb97801a70f80f229a195400a0c143d3ca4b815f7e990a755c0fc85998a82c81913857d843ec6dc3a2fcf
- SSDEEP
  
  6144:ibQk1vx1qHv/cFOxd2KQZA9py7iO/B1eO+fhNiOAeXHqf:wQk1vxqrdFQZA9py7L/XeO+f3DHqf
Score

3^/10
behavioral27 behavioral28
- Target
  
  $_2_/TenioDL/p2phttp.dll
- Size
  
  153KB
- MD5
  
  14d39f3db649d39bea3e14db860e6d9f
- SHA1
  
  20f134b305dee5415263f9b9a8963e4759740146
- SHA256
  
  397f93340bc59f3c00f7054c58ec63b8b0b4512b0a5c4c8b658699357fbc6296
- SHA512
  
  69a6028bf7e74e4c1d4916593b7ff1c3173ea98e0d9ce52087f9bc276c8fddb1e8c8c245a2a6aa0c7e44ba5e7112483f8419407b5a45b5e33ba52490a3dcd436
- SSDEEP
  
  3072:iNlosWW4RKBz/hJqyFyDydHr4r71/nLjeUacHOAnRE2:OosEuqysOFrqeUaSOAn+2
Score

3^/10
behavioral29 behavioral30
- Target
  
  $_2_/atl80.dll
- Size
  
  94KB
- MD5
  
  3c7def3cbbca6284867aa4621d5d8a54
- SHA1
  
  4bd9852f1f063b9fd1e1829b756d381e14609fa7
- SHA256
  
  db18738202dcda842dce505ecd0b858d7b4c55886cac29827305f0dc3839143a
- SHA512
  
  1f9e89114a579bbb0c175d5fb587d58a923a0f556361b2f6c5ae3ffeb139539733e46edb3df1627fa630d5bc80cdf5ff311ca75754ca306345569cd48f51f2c4
- SSDEEP
  
  1536:RCYlLTNQQ/Nucs4hRKF+HnLoRsV1TlWh8XhylIjwaCi6imXmwxCU4tkm:R7LTNzNup4hAQHnLP+VXmwxCtk
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Modifies file permissions

Modifies file permissions

Checks computer location settings

Modifies file permissions

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32