e2cd43d988121ee0cf9bdbaa46d5d1cc99dd742cb0540f674923621eef0d57fd | Triage

Sharing

General

Target

TIR.7z
Size

175.7MB
Sample

240802-x6ax1swhpl
MD5

5c1c6693a8cd8fbc4630b700dc7a5c86
SHA1

33cde245441e4374e735eb5bbd2703c245b1f59b
SHA256

e2cd43d988121ee0cf9bdbaa46d5d1cc99dd742cb0540f674923621eef0d57fd
SHA512

bd4208451caf1e007c2339ae94a76a327aa6510fee966cc9b7d1049ae7a4b3580d57c47a89e8ed20d5e1822b3b27d2c30a61d30d2703f2fa928563b978048a9f
SSDEEP

3145728:/rKa5lPRJZaicGYm3rfVXi3eye/ttKcOUxoqxXVwigcN/cBh3zGFROYw9sBieUtu:/GaDRJl7fVqeVs2o6PQBh3zGMW6ai77K

Score

5^/10

discovery pdf

Malware Config

Targets

- Target
  
  TIR/CONFIG.CFG
- Size
  
  3KB
- MD5
  
  3e57f391b5f6028a5b3b55b4381e606a
- SHA1
  
  2717abc25dfedb69f555027c07adbc735d3eadd8
- SHA256
  
  4bf094369cb1f01e2be1814f603f98f78c84a04e98dc1aa99024fc55c184be72
- SHA512
  
  511c8608f4f44995ff2101f602de0d1f6459fcdc97da6506ce3d2352d310e776b61b8c768bcc2aa6443df31df6b2226d544ff8b28aae40ca6c4ab87356d04a9a
Score

1^/10
behavioral1 behavioral2
- Target
  
  TIR/CONFIG/MFC40.DLL
- Size
  
  902KB
- MD5
  
  7f1df918cf903a1c4d219262bbd035da
- SHA1
  
  0baafd91aa0a68e29528d8dad67cb9e6fe7cc544
- SHA256
  
  7a06cd62aefe8c83c3f81ab0b3f43ab2af6a1288f1bc698893977b34224697fe
- SHA512
  
  204535bf5b06d3bb0b1feeac32a08ecefd24e512dae832f0dc11998e0c24401a755e3f3d328fe76033abbc0cef105c75527a0d2d6968cb60759f5b5be524643a
- SSDEEP
  
  24576:ZIRMrWFO8uILW7A0b+yFJaRDNbvRPq1fB0kC8wk3dijczQSx+xKhWQxerl9C:ZIR0dy2FJQNFQx4
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  TIR/CONFIG/MFC42.DLL
- Size
  
  972KB
- MD5
  
  a430faae0a4db973500b6c882f8848e5
- SHA1
  
  072be63a429756da60f4b4d0d4b59288b295c380
- SHA256
  
  52e1eb5eb51f0b08fe08a6ab97f522247161a816a8296b7bba87d2865f3985fd
- SHA512
  
  608f8fbbc52c1c50ebe0e3bc772d2869fc985892da18ad2a406c283e716dc4fd73bb07a229d7d64d5fccf4e39cbdcacca7d9fb27f1ccdbe02ab5ac97e828a0ae
- SSDEEP
  
  12288:cKw0yBKAkOaeVp7dwQvzr254GjiExYznwb88wpyTmak56/g2vi8Ii8:jvWKBPQk4+iExwH3ETmXsl8
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  TIR/CONFIG/MFC70.DLL
- Size
  
  952KB
- MD5
  
  09aef167eb1531e965053d0dcf6cc573
- SHA1
  
  fbfedfc12e260ac10ff19374f4be265fa139539e
- SHA256
  
  a133f981269d550812ac443f8171013767edf75fd5e8f45f28e10d87132df5c7
- SHA512
  
  8fdc96179b8303c06d3aec8f9f474d14b4504def5625230f1ed5a04120f358bc7c25877813ca4fc3e36624bf04cdbb26f42e2ebdf1fdd954aac99dd9093f1fa7
- SSDEEP
  
  12288:74Rw9zxgV8JNytFbltVZohqaxCrV7OLDlZOznVd5jHyObfZsKO4tLi1mZ7YSch7b:J99QFpbZohqaxoOVEzLbtLi1Qch/
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  TIR/CONFIG/MSVCIRT.DLL
- Size
  
  76KB
- MD5
  
  c520e54cb1dfa71edb3c52ea2c28f1ac
- SHA1
  
  cb6e932269387971da456852ef3e9370f8e3f57c
- SHA256
  
  62fd0613602fe8f4e15801497c64af587f8c5f9e6330529bb960d962179520e1
- SHA512
  
  c65d2df8ef350d780011f7b138f6444e30c909132fccae77e903b39126f5b369131fef368286120deecb6c0ba354f856a43a98f500c5a525f1378ca778966f3c
- SSDEEP
  
  768:/6nlZFvieBnAicd2+Up6D/iKjqb51AlrT1Xgt1QtoliFNUTO1ntgQXHhAk/twBZB:klvBlAiCrXT//F6QXHhAk/twBBPh
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  TIR/CONFIG/MSVCR70.DLL
- Size
  
  336KB
- MD5
  
  9972a6ed4f2388dbfa8e0a96f6f3fdf1
- SHA1
  
  61b8f573db448ae6351ae3475c2e7c482d81533c
- SHA256
  
  f68e4cdbc879423ea47d763a6768567f5f8063924f13a74239750c13fa8d168a
- SHA512
  
  d1b7513ae1176c9a933baddcd1bf93fa089eca605c8abcfd628d3bef2f194347cd96bb39d849ebc6d8da350b292116cb2efb8a001acdb1b1cde4ebdad33fa33e
- SSDEEP
  
  6144:SJXaB17daPjFKMrwgWs0uh+PGdmkV2EfFMQiFbNrboYgxg0bCAO5Z09:yXaXJaPJKMrwgT0u0PGdmkV8O7rCLZy
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  TIR/CONFIG/MSVCRT.DLL
- Size
  
  284KB
- MD5
  
  c93548203699d997ae43ada7542864c7
- SHA1
  
  1348a988763b7d382462ac88984c76e9f419cfd2
- SHA256
  
  dadad35bf69ede748178e83a9e66f8d5d371ef9b686d65ca969cd4d1b3cc5c93
- SHA512
  
  468fb151190418613808a9d570f54eb657a3e92b41f66d6a9b5976c042a0e1e2cff93e0f0f85628a0c107477e4c1f838f625af41b0885f107ae5e1e97fcaf341
- SSDEEP
  
  6144:/XX8B414AVWUmp5Ovk5FsKqmHQ8/MFMgiFjNr7mcl2I0BOqaK:/H47AVWUK5OvkQKqmB5UzT5
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  TIR/CONFIG/MSVCRT20.DLL
- Size
  
  248KB
- MD5
  
  0cdf4d609177fa1a0217ec2405455354
- SHA1
  
  c618ef88c7d3ce6f36302ef0890e461dac7f3a5a
- SHA256
  
  933c6a9898dd97fc109e4d161321ebcecd51a24fbcb9b29ccf21c312cdc51b1a
- SHA512
  
  45c82a40aa17f0345a20cb6232591b0c2307ca9047ce055ea1eb3d32173ac1bea6b5ef04cac4ef9459591f0d7f30bd99f85cc76c0ac29536f5ddd3c3cd2b2301
- SSDEEP
  
  6144:KlhGZLtYKjcbX66I/UPZOWcYw89ujE3039j6PXMIiLTQaP3NkQopNJ:6YLjcbX66I/UPfcYWjE323YaP3lkN
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  TIR/CONFIG/STR_CZ.DLL
- Size
  
  56KB
- MD5
  
  c6f115c4d1bdc6edb2dd0b58c2c5d022
- SHA1
  
  365eb82e7b3811528a8968a400ce63ccc7b4355d
- SHA256
  
  798693f2507e087b2b4be0e519f461b80ea135253ef0012d9b89564d12f2f78a
- SHA512
  
  86ba3fa0103eba5fe65818cbe64d8c2f1f5d7c7c922c2b774755ab60182e6431f7ff33a53be44ac6b3a9e4c60efd4207316144489bcfa4b1bf1381619bd53a89
- SSDEEP
  
  768:/ArHA1xDKrjOxTstH0VLvpu2ypSaI0D/PxaLgamL:/KAXiCxTstH0VLBbhJ0bPEkam
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  TIR/CONFIG/STR_ENG.DLL
- Size
  
  56KB
- MD5
  
  5a873f530105f4ea55677ebda6b2dc4c
- SHA1
  
  aad3f70bce92a5c60bc961dedb5fde87fa4f9756
- SHA256
  
  b17de08f3162cc69d35f744fefa1456da6fbb520050f1429337fbf5febd30a21
- SHA512
  
  4ab96f7cf273984a62c209c073dfc64fca296691b50e504d8998b1771aa72024d7a203078052d8c7e3eb9ac97aeb5ddd1ca7d6557c0f5f416c3fb4a332d31285
- SSDEEP
  
  768:xArHA1xDKrjOxTstH0VLvpu2ypSaI0D/PxEwEaamL:xKAXiCxTstH0VLBbhJ0bPp/am
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  TIR/CONFIG/STR_FRE.DLL
- Size
  
  56KB
- MD5
  
  a008ec2ae8ef9845e3805549499170b0
- SHA1
  
  77cda2042deee0f2c76f5d56847b7c4dd3ca7c4c
- SHA256
  
  4b025f39b4e61fe94bb45cc9ccdf4cfa24a721a5d9bb227ba459f157f2a94880
- SHA512
  
  8064e5ea7db2cf906f05819d3a77913b08c8cac8ca4ebc5c1758805a5f607314936c170817733a6a0b36eaae698503fa05adaff8863eb35e21fbed172f3750fc
- SSDEEP
  
  768:AArHA1xDKrjOxTstH0VLvpu2ypSaI0D/PxK3tamL:AKAXiCxTstH0VLBbhJ0bPgam
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  TIR/CONFIG/STR_GER.DLL
- Size
  
  56KB
- MD5
  
  690282af35ac7696ada9b1518fc64a98
- SHA1
  
  1b6065e3b568f9e3407f4058368f6d22654c13fe
- SHA256
  
  ec912cd5f3bf27f29bbaa6a5e82836f636c5efd66fabc2ab7c5492582f6e9be8
- SHA512
  
  e5f2b1524d5d957d44e025d99bcdf277d19154caa373d8f1f68ef01c1119beff369e031981321f32f1f99f361b8125c28f7222e6d1217fc674c4e0a86f95ec64
- SSDEEP
  
  768:7ArHA1xDKrjOxTstH0VLvpu2ypSaI0D/Px9ZzJamL:7KAXiCxTstH0VLBbhJ0bPLLam
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  TIR/CONFIG/STR_ITA.DLL
- Size
  
  56KB
- MD5
  
  c43ca1fc229bc21391acece8f144aec7
- SHA1
  
  84d76ac4dc840732774e349e115d6d7b3ff1ae3d
- SHA256
  
  09e06164749b2392b7617783ec4a7e9c6458ea52d9ec5db60edf3dd66dd67421
- SHA512
  
  0d94b61d80ce6acf66d1a2723257651e7d9cd75d5c716c9bbb438b9e93de09947a4c7100cde2e4931171592a684c0e272c226822ee3c448f8c4865fa2e5edcfc
- SSDEEP
  
  768:6ArHA1xDKrjOxTstH0VLvpu2ypSaI0D/PxLTiamL:6KAXiCxTstH0VLBbhJ0bPVmam
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  TIR/CONFIG/STR_PORT.DLL
- Size
  
  56KB
- MD5
  
  e787b7319195e06757e7776ccb4fc93b
- SHA1
  
  4125b7fcf658e486cfcf4c93a19fe2bd202aaa52
- SHA256
  
  988c5fcc98e2191e32c25031dc35c51460828f774b9048f171604bddf85a8844
- SHA512
  
  bc2a166f4eb527418e86ceead1d84a4dd91a4cd37b7e2d482fa331a5a16e1e1a691b33b52831fa0859d2b7382487b7fc33a22164e134fe672410e0aa249fa03a
- SSDEEP
  
  768:eArHA1xDKrjOxTstH0VLvpu2ypSaI0D/Px0KiamL:eKAXiCxTstH0VLBbhJ0bPiam
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  TIR/CONFIG/STR_RUSS.DLL
- Size
  
  56KB
- MD5
  
  a44c8c8428c76cd1ad002c52e019e5c2
- SHA1
  
  92674b4e779b7127af3dcce82bed0b5112b1a86f
- SHA256
  
  8248ece1f601ef82765b4f86fed8f4f55bd6406d53d6a8e7f55bcd29ea620cdb
- SHA512
  
  0d04354126b1aaa56cfadecbbb27073e487efc0c706a44691cca3269bf6d3effc1e3790740758310f7b1e0c371fc78171d93aa9efcf17cc939ee9e3fe7037f46
- SSDEEP
  
  768:SArHA1xDKrjOxTstH0VLvpu2ypSaI0D/PxwGamL:SKAXiCxTstH0VLBbhJ0bP7am
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  TIR/CONFIG/STR_SPA.DLL
- Size
  
  56KB
- MD5
  
  4db562185d8a46c30b1274bf73c354cb
- SHA1
  
  64858cda09aa18c9cbaa5ed9f1d3c733246c8492
- SHA256
  
  f78a11ce3fb48763651e0771bb0eef4d353a3527c4b280abec7c563e05b5eaef
- SHA512
  
  c9a64b4cdde2bfd45fd1f8efaa1c210f6d07524c0227a445647c9b1adb19598abb49adc921b9f374a7b96e28d1f468dd014e4347f07f70d577b1b0462a332e5a
- SSDEEP
  
  768:lArHA1xDKrjOxTstH0VLvpu2ypSaI0D/PxzLamL:lKAXiCxTstH0VLBbhJ0bP5am
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32