525a2eb43f2a4c702213723541335dc0391b42a01177e1faf5873e0cb7540ce0 | Triage

Sharing

General

Target

Tftpd64-4.64-setup.exe
Size

633KB
Sample

240914-t5ye5svald
MD5

044cc568b52ce2e65eb82d3d3b7ffa2f
SHA1

e53df45b9994f7d02b48b0e002d5e06f00535bc6
SHA256

525a2eb43f2a4c702213723541335dc0391b42a01177e1faf5873e0cb7540ce0
SHA512

1ee71ba4ba71faf0f1bc4fc4b3f5292ffef6cfa19d08b169534260daaf2bf99960db364382039f45fb17e44295d9c2473a747779a21cb35375666c08af3ed4be
SSDEEP

12288:slKyxovP4Jw+ULNC0IVfG5IAeKPOFwTM84qpcy+qtv2tSoTqLQby4q:sMyavP4Jhg7IWWFA4qphN28o+LQe4q

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Tftpd64-4.64-setup.exe
- Size
  
  633KB
- MD5
  
  044cc568b52ce2e65eb82d3d3b7ffa2f
- SHA1
  
  e53df45b9994f7d02b48b0e002d5e06f00535bc6
- SHA256
  
  525a2eb43f2a4c702213723541335dc0391b42a01177e1faf5873e0cb7540ce0
- SHA512
  
  1ee71ba4ba71faf0f1bc4fc4b3f5292ffef6cfa19d08b169534260daaf2bf99960db364382039f45fb17e44295d9c2473a747779a21cb35375666c08af3ed4be
- SSDEEP
  
  12288:slKyxovP4Jw+ULNC0IVfG5IAeKPOFwTM84qpcy+qtv2tSoTqLQby4q:sMyavP4Jhg7IWWFA4qphN28o+LQe4q
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  EUPL-EN.pdf
- Size
  
  33KB
- MD5
  
  254b5ddbc15269e72ba3a0508681a70c
- SHA1
  
  2263ae4c0b71bf7be09707d8ffe1176807e8c69e
- SHA256
  
  cd5d9e2a925d8daa92d083fd8c1cea48df1bcfffd857f4f93e2148fddc5001ec
- SHA512
  
  9bb5a4bf1b5167725e2126ce5152e3be11b7288c743c0d7c71b98d0551e47bce417b0b1c0a14ff523a7c90ec9d0b930a0879b31b22f10b0a068f635103faf504
- SSDEEP
  
  768:XWSMyoY3GnGTmerMqJoOunEg5ADW7+1DTsPVMAgjTLRzp/rFQ248gYT23:/93GXovsE+Anm+hJrZL23
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  tftpd32.chm
- Size
  
  356KB
- MD5
  
  de0095e371874836fb50cd3400d7b204
- SHA1
  
  8a1000443a71417c6233f277b87ca6585bebca2a
- SHA256
  
  810a0f52703d051b30d5ecd219c72b0599964de34d1c1912367271c87d4725bf
- SHA512
  
  0bd27dcf930df12d4fc2f29caae8809be74d124946561d60a6fa0e8d775ab3baf34dbde2560bb483a348d769d39c79b9af9666daa6eb87770053736d1df474db
- SSDEEP
  
  6144:jU06ChpcJshdgk7fEPOgZLrBOhw8B84J3pCARzcy7sbqtr2YhS60gTurOQrVm:z6EcJAe3POgBTO84Hpcy+qtr22SoT4xo
Score

1^/10
behavioral5 behavioral6
- Target
  
  tftpd64.exe
- Size
  
  383KB
- MD5
  
  3c1e3215acc69f06f044802ed4695333
- SHA1
  
  ea34a6bad04bc5a1fcb494668347cd302557f327
- SHA256
  
  34de53b43c32e3ed5231a57683103acad1aebeef08309cf8e770c27acc90e4e7
- SHA512
  
  82ed2edbb7286aac00b946f7f4c79e59079994fe8385e961abd1291440fdf26e14c724943eaabebb517e921ece4b384b9d50905898d71f2efaa427be7082d2d0
- SSDEEP
  
  3072:2UANSGQV9/2Q2ZE1nEDBRjDds0FmgMUIpipKfHEZji+jbqLvInpmU9tqx2sFnU59:QsqE1nEDPlTFmkpckZW8qbIZpsX9
Score

1^/10
behavioral7 behavioral8
- Target
  
  uninstall.exe
- Size
  
  37KB
- MD5
  
  078daf9669ef12a368f1aed5a21b1cd1
- SHA1
  
  fc4d9a58d42089d6e7c42f45b92d87f978958dea
- SHA256
  
  0a91e2fab1de979c8bd0816c5a709deb7bdb80a198c9163d58a5ce377607fb9d
- SHA512
  
  7a18dcf41e30278cc1348c51ad904f9024dd431c48faa576484f8b189e53bccffade0a94563d0bf76fb07a0cbdc6033dec95ec8f1ad59c32518967b8d59df30d
- SSDEEP
  
  768:FaKoIAEPaXHQe5cDOnLT6OSKQGg1qtOqGVfmMk0D3/jIp3KlcEJRnYlCd8:UKJAES3bS2L6KbuVfmMk0DCwctlCd8
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10