General

  • Target

    Tftpd64-4.64-setup.exe

  • Size

    633KB

  • Sample

    240828-qt4w1azepg

  • MD5

    044cc568b52ce2e65eb82d3d3b7ffa2f

  • SHA1

    e53df45b9994f7d02b48b0e002d5e06f00535bc6

  • SHA256

    525a2eb43f2a4c702213723541335dc0391b42a01177e1faf5873e0cb7540ce0

  • SHA512

    1ee71ba4ba71faf0f1bc4fc4b3f5292ffef6cfa19d08b169534260daaf2bf99960db364382039f45fb17e44295d9c2473a747779a21cb35375666c08af3ed4be

  • SSDEEP

    12288:slKyxovP4Jw+ULNC0IVfG5IAeKPOFwTM84qpcy+qtv2tSoTqLQby4q:sMyavP4Jhg7IWWFA4qphN28o+LQe4q

Score
7/10

Malware Config

Targets

    • Target

      Tftpd64-4.64-setup.exe

    • Size

      633KB

    • MD5

      044cc568b52ce2e65eb82d3d3b7ffa2f

    • SHA1

      e53df45b9994f7d02b48b0e002d5e06f00535bc6

    • SHA256

      525a2eb43f2a4c702213723541335dc0391b42a01177e1faf5873e0cb7540ce0

    • SHA512

      1ee71ba4ba71faf0f1bc4fc4b3f5292ffef6cfa19d08b169534260daaf2bf99960db364382039f45fb17e44295d9c2473a747779a21cb35375666c08af3ed4be

    • SSDEEP

      12288:slKyxovP4Jw+ULNC0IVfG5IAeKPOFwTM84qpcy+qtv2tSoTqLQby4q:sMyavP4Jhg7IWWFA4qphN28o+LQe4q

    Score
    7/10
    • Executes dropped EXE

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      EUPL-EN.pdf

    • Size

      33KB

    • MD5

      254b5ddbc15269e72ba3a0508681a70c

    • SHA1

      2263ae4c0b71bf7be09707d8ffe1176807e8c69e

    • SHA256

      cd5d9e2a925d8daa92d083fd8c1cea48df1bcfffd857f4f93e2148fddc5001ec

    • SHA512

      9bb5a4bf1b5167725e2126ce5152e3be11b7288c743c0d7c71b98d0551e47bce417b0b1c0a14ff523a7c90ec9d0b930a0879b31b22f10b0a068f635103faf504

    • SSDEEP

      768:XWSMyoY3GnGTmerMqJoOunEg5ADW7+1DTsPVMAgjTLRzp/rFQ248gYT23:/93GXovsE+Anm+hJrZL23

    Score
    3/10
    • Target

      tftpd32.chm

    • Size

      356KB

    • MD5

      de0095e371874836fb50cd3400d7b204

    • SHA1

      8a1000443a71417c6233f277b87ca6585bebca2a

    • SHA256

      810a0f52703d051b30d5ecd219c72b0599964de34d1c1912367271c87d4725bf

    • SHA512

      0bd27dcf930df12d4fc2f29caae8809be74d124946561d60a6fa0e8d775ab3baf34dbde2560bb483a348d769d39c79b9af9666daa6eb87770053736d1df474db

    • SSDEEP

      6144:jU06ChpcJshdgk7fEPOgZLrBOhw8B84J3pCARzcy7sbqtr2YhS60gTurOQrVm:z6EcJAe3POgBTO84Hpcy+qtr22SoT4xo

    Score
    1/10
    • Target

      tftpd32.ini

    • Size

      616B

    • MD5

      c973075d00b0bf2d5c4cb18155ad92fb

    • SHA1

      0b1d0a6c40da12b81e6bab942a6631f19e18f1fc

    • SHA256

      0c00cbdae4e3f2f430ca803e2e08bb3cbba4e83cf9024dbb64da212b8034e60d

    • SHA512

      b987aa69a90fc14d0c4e7ebcd7db6a3c9580f705ce6753104163017975b4e8a1f09c302123c83421943e33a591b509f8edc398a00fe4932132d32c169db34fc9

    Score
    3/10
    • Target

      tftpd64.exe

    • Size

      383KB

    • MD5

      3c1e3215acc69f06f044802ed4695333

    • SHA1

      ea34a6bad04bc5a1fcb494668347cd302557f327

    • SHA256

      34de53b43c32e3ed5231a57683103acad1aebeef08309cf8e770c27acc90e4e7

    • SHA512

      82ed2edbb7286aac00b946f7f4c79e59079994fe8385e961abd1291440fdf26e14c724943eaabebb517e921ece4b384b9d50905898d71f2efaa427be7082d2d0

    • SSDEEP

      3072:2UANSGQV9/2Q2ZE1nEDBRjDds0FmgMUIpipKfHEZji+jbqLvInpmU9tqx2sFnU59:QsqE1nEDPlTFmkpckZW8qbIZpsX9

    Score
    1/10
    • Target

      uninstall.exe

    • Size

      37KB

    • MD5

      078daf9669ef12a368f1aed5a21b1cd1

    • SHA1

      fc4d9a58d42089d6e7c42f45b92d87f978958dea

    • SHA256

      0a91e2fab1de979c8bd0816c5a709deb7bdb80a198c9163d58a5ce377607fb9d

    • SHA512

      7a18dcf41e30278cc1348c51ad904f9024dd431c48faa576484f8b189e53bccffade0a94563d0bf76fb07a0cbdc6033dec95ec8f1ad59c32518967b8d59df30d

    • SSDEEP

      768:FaKoIAEPaXHQe5cDOnLT6OSKQGg1qtOqGVfmMk0D3/jIp3KlcEJRnYlCd8:UKJAES3bS2L6KbuVfmMk0DCwctlCd8

    Score
    7/10
    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks