Overview

overview

9

Static

static

1

TTYD_EU_RE...v1.gci

windows10-2004-x64

9

TTYD_EU_RE...v1.gci

windows11-21h2-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    TTYD_EU_REL_Loader_v1.gci

  • Size

    136KB

  • Sample

    240627-y4skqayelg

  • MD5

    de2dec61ab3c2f8d3ba35ed96a60897f

  • SHA1

    cc708aae99ec8c83b897161af36bd5a299abfd32

  • SHA256

    1c34cd45dd2bb8c44a48d60aea5e0ce811ae416b220361c8e35e7411e8801379

  • SHA512

    010d0343c84f149358d1122b77b8eab372a4434f4277ed08ba6029cdb2bacc882df60c1a5df594037b760b87b114f6b36e2ccd21201de08f731aa9eb74a8ef3b

  • SSDEEP

    192:xFYFXLa0InoIhfsvx0hkaokwdHUCJ02+3T9kH1Avh1Avg:xaX20IZo6hkVHUlvG1Avh1Avg

Score
9/10
discoveryexploit

Malware Config

Targets

    • Target

      TTYD_EU_REL_Loader_v1.gci

    • Size

      136KB

    • MD5

      de2dec61ab3c2f8d3ba35ed96a60897f

    • SHA1

      cc708aae99ec8c83b897161af36bd5a299abfd32

    • SHA256

      1c34cd45dd2bb8c44a48d60aea5e0ce811ae416b220361c8e35e7411e8801379

    • SHA512

      010d0343c84f149358d1122b77b8eab372a4434f4277ed08ba6029cdb2bacc882df60c1a5df594037b760b87b114f6b36e2ccd21201de08f731aa9eb74a8ef3b

    • SSDEEP

      192:xFYFXLa0InoIhfsvx0hkaokwdHUCJ02+3T9kH1Avh1Avg:xaX20IZo6hkVHUlvG1Avh1Avg

    Score
    9/10
    discoveryexploit

    • Nirsoft

    • Possible privilege escalation attempt

      exploit

    • Executes dropped EXE

    • Modifies file permissions

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

1
T1222

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

2
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks