30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72

Analysis

max time kernel
85s
max time network
133s
platform
windows7_x64
resource
win7-20220414-en
submitted
20-05-2022 03:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe
Size

28KB
MD5

71f6171d29c04e7ba2aa8830ba4122de
SHA1

c4c2516d0b56d8bca9a51502486d2c4227b86f29
SHA256

30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72
SHA512

c4b90a91374935571de8f84a7bcc441c0a79efa8852a8821b834cea7870713ccd92358df593b9d1299522096a467083316c61b02dbf1d08842644ccc505d7463

Score

8^/10

bootkit discovery evasion persistence trojan

Malware Config

Signatures

Downloads MZ/PE file
Drops file in Drivers directory 1 IoCs

Processes:

QQBrowser_Setup_10.5.3869_1100110740.exe

description ioc process

File created C:\Windows\System32\drivers\TsQBDrv.sys QQBrowser_Setup_10.5.3869_1100110740.exe
Executes dropped EXE 2 IoCs

Processes:

QQBrowser_Setup_10.5.3869_1100110740.exeQQBrowser.exe

pid process

1884 QQBrowser_Setup_10.5.3869_1100110740.exe
588 QQBrowser.exe
Sets service image path in registry 2 TTPs
persistence

Registry Run Keys / Startup Folder
T1060

Modify Registry
T1112

description	ioc	process
File created	C:\Windows\System32\drivers\TsQBDrv.sys	QQBrowser_Setup_10.5.3869_1100110740.exe

Loads dropped DLL 19 IoCs

Processes:

30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exeQQBrowser_Setup_10.5.3869_1100110740.exeQQBrowser.exeregsvr32.exe

pid	process
872	30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
588	QQBrowser.exe
1840	regsvr32.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
588	QQBrowser.exe
588	QQBrowser.exe

Adds Run key to start application 2 TTPs 2 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

Processes:

QQBrowser_Setup_10.5.3869_1100110740.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000\Software\Microsoft\Windows\CurrentVersion\Run	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000\Software\Microsoft\Windows\CurrentVersion\Run\qbclipboard = "\"C:\\Program Files (x86)\\Tencent\\QQBrowser\\QQBrowser.exe\" --type=assistant --clipboard"	QQBrowser_Setup_10.5.3869_1100110740.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Checks whether UAC is enabled 1 TTPs 1 IoCs

evasion trojan

System Information Discovery

T1082

Processes:

QQBrowser_Setup_10.5.3869_1100110740.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	QQBrowser_Setup_10.5.3869_1100110740.exe

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
bootkit persistence

Bootkit
T1067

Processes:

QQBrowser_Setup_10.5.3869_1100110740.exe

description ioc process

File opened for modification \??\PhysicalDrive0 QQBrowser_Setup_10.5.3869_1100110740.exe

description	ioc	process
File opened for modification	\??\PhysicalDrive0	QQBrowser_Setup_10.5.3869_1100110740.exe

Drops file in Program Files directory 64 IoCs

Processes:

QQBrowser_Setup_10.5.3869_1100110740.exe

description	ioc	process
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\QBSafe.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\extensions\sidebar_nav.crx	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\app.ico	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\wxapkg.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\F1Assistant.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\libGLESv2.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\PrScrn.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\manifest.json	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\qbroker\qbroker64.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\tssafeedit.dat	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\gamesp\fancygame.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\HEICDecodeExtend.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\History	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\plugin\PerfTools.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\PrScrnNew.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\QQBrowserLiveup.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\resources.pak	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\1.70.3741.400.manifest	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome_child.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\extensions\QBFixerPlugin.crx	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\extensions\translator-common.crx	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\extensions\video_box.crx	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\FrameLoader.dll.sig	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\webp\WebpDecodeFilter.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\driver\TsQBDrvDll.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\BugReport.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\FrameLoader.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\pdf_config.json	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\PrScrnNew.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File opened for modification	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\1.70.3741.400.manifest	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\Downloader.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\driver\amd64\tsqbdrv.sys	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\navi2.ico	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\pcmgr_down.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
File opened for modification	C:\Program Files (x86)\Tencent\QQ\ExtraInfo.ini	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\extensions\NetService.crx	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\qbaps.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\swiftshader\libEGL.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\WidevineCdm\_platform_specific\win_x86\widevinecdm.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\extensions\live_box.crx	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\extensions\pic_edit.crx	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\nacl_irt_x86_32.nexe	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome_child.dll.sig	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\data\manifest	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\natives_blob.bin	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\QQBrowser.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\qb_clh.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome_200_percent.pak	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\QBDelayUpdate.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\qqbrowser.exe.sig	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\QBPin_x64.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\qbroker\qbroker.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\uninst.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\compat.xml	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\data\goe.js	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\driver\win10_x32\TsQBDrv.sys	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\extensions\cloud-collection.crx	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\gamesp\npjlgplayer3.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\10.5.3869.400.manifest	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome_elf.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\service\TsService.exe.new	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\plugin\PerfTools.dll	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Program Files (x86)\Tencent\QQBrowser\QQBrowserConfig.dat	QQBrowser_Setup_10.5.3869_1100110740.exe

Drops file in Windows directory 2 IoCs

Processes:

QQBrowser_Setup_10.5.3869_1100110740.exe

description	ioc	process
File created	C:\Windows\Tasks\QQBrowser Updater Task.job	QQBrowser_Setup_10.5.3869_1100110740.exe
File created	C:\Windows\Tasks\QQBrowser Updater Task(Core).job	QQBrowser_Setup_10.5.3869_1100110740.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

Processes:

QQBrowser_Setup_10.5.3869_1100110740.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000\SOFTWARE\Microsoft\Internet Explorer\BrowserMachineCode	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000\Software\Microsoft\Internet Explorer\BrowserMachineCode\MachineGuid = "C34BEF60EA2E54A7DE93A1DE3A097578"	QQBrowser_Setup_10.5.3869_1100110740.exe

Modifies registry class 64 IoCs

Processes:

QQBrowser_Setup_10.5.3869_1100110740.exeregsvr32.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.heic\ = "QQBrowser.heic"	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\OpenWithList\Microsoft Publisher\shell\edit\command	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\WinWord.exe\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b0057004f0052004400460069006c00650073003e00620069002400540021005600210030005a003d007b0050006b00300076006d007e0041005a00750020002f006e002000220025003100220000000000	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\QQBrowser.heic\shell	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WEBPFilter.CoWEBPFilter\CurVer\ = "WEBPFilter CoWEBPFilter.1"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A981255C-6123-4487-B21A-9CF468EB3FC7}\InprocServer32\ThreadingModel = "Both"	regsvr32.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\Excel.exe\shell\edit	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\shtml	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\xhtml\OpenWithProgIds\xhtmlfile	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\progid\http\UserChoice\Hash = "2Wt0kbHDnFk="	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\QQBrowser.Protocol\AppUserModelID = "Tencent.QQBrowser.Default"	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\http\shell\open\command\ = "\"C:\\Program Files (x86)\\Tencent\\QQBrowser\\QQBrowser.exe\" -- \"%1\""	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E577DC7C-F3A8-4A79-A2B0-8E0A79FFA45B}\ = "IWebpImageDecodeFilter"	regsvr32.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\OpenWithList\MSPub.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\OpenWithList\MSPub.exe\shell	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\WinWord.exe\shell\edit	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\https\DefaultIcon\ = "C:\\Program Files (x86)\\Tencent\\QQBrowser\\QQBrowser.exe,0"	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\PerceivedType = "text"	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\xhtml\OpenWithProgIds\ChromeHTML	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\xhtml\ = "QQBrowser.File"	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\UserChoice\Hash = "dctCQK95cmM="	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\QQBrowser.heic\shell\open\command\ = "\"C:\\Program Files (x86)\\Tencent\\QQBrowser\\QQBrowser.exe\" -- \"%1\""	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WebpDecodeFilter.WebpImageDecodeFilt.1\CLSID	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A981255C-6123-4487-B21A-9CF468EB3FC7}\VersionIndependentProgID\ = "WebpDecodeFilter.WebpImageDecodeFilter"	regsvr32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\progid\http\ProgId = "QQBrowser.Protocol"	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\ftp\shell\open\command	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WEBPFilter.CoWEBPFilter\ = "WEBPFilter CoWEBPFilter"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A981255C-6123-4487-B21A-9CF468EB3FC7}\ProgID	regsvr32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\Microsoft Excel\shell\edit\ddeexec\topic\ = "system"	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\Microsoft Word\shell\edit	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\WinWord.exe\shell	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\QQBrowser.File	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\OpenWithList\Microsoft Excel\shell\edit\command	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\html\PersistentHandler\ = "{eec97550-47a9-11cf-b952-00aa0051fe20}"	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\Excel.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\Microsoft Excel\shell\edit\ddeexec	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithProgIds\mhtmlfile	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\OpenWithList\Excel.exe\shell	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\OpenWithList\Microsoft Excel\shell\edit\ddeexec\application	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\OpenWithList\Microsoft Publisher\shell\edit\ = "&Open"	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\PersistentHandler	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\html\Content Type = "text/html"	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\Microsoft Publisher	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\UserChoice	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\shtml\UserChoice\Hash = "evcNM68HiKk="	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\QQBrowser.Protocol\URL Protocol	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5FD70451-714E-495A-9F17-450AEF3AA35E}	regsvr32.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\Microsoft Excel	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\MSPub.exe\shell\edit\ = "&Open"	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\shtml\PersistentHandler	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\progid\http\Hash = "2Wt0kbHDnFk="	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\QQBrowser.Protocol\ = "QQBrowser Protocol"	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\https\shell	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\PersistentHandler\ = "{5645C8C1-E277-11CF-8FDA-00AA00A14F93}"	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\https\shell\open\command	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\OpenWithList\Microsoft Excel\shell\edit\ddeexec\topic\ = "system"	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\OpenWithList\Microsoft Excel\shell	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WebpDecodeFilter.WebpImageDecodeFilter\ = "WebpImageDecodeFilter Class"	regsvr32.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\OpenWithList\MSPub.exe\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b005000750062005000720069006d006100720079003e00520024006e0075006a0053005700460065003f007d0061004c00720052007000390078004000570020002500310000000000	QQBrowser_Setup_10.5.3869_1100110740.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\OpenWithList\WinWord.exe\shell\edit\command	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A981255C-6123-4487-B21A-9CF468EB3FC7}\InprocServer32\ThreadingModel = "Apartment"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/webp\Image Filter CLSID = "{A981255C-6123-4487-B21A-9CF468EB3FC7}"	regsvr32.exe
Key created	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\htm\OpenWithList\Excel.exe\shell\edit\ddeexec	QQBrowser_Setup_10.5.3869_1100110740.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1819626980-2277161760-1023733287-1000_CLASSES\Software\Tencent\QQBrowser\file\mht\ = "mhtmlfile"	QQBrowser_Setup_10.5.3869_1100110740.exe

Suspicious behavior: EnumeratesProcesses 58 IoCs

Processes:

QQBrowser_Setup_10.5.3869_1100110740.exe

pid	process
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe
1884	QQBrowser_Setup_10.5.3869_1100110740.exe

Suspicious behavior: LoadsDriver 1 IoCs

Processes:

pid process

460

pid	process
460

Suspicious use of AdjustPrivilegeToken 3 IoCs

Processes:

QQBrowser_Setup_10.5.3869_1100110740.exe

description	pid	process
Token: SeSecurityPrivilege	1884	QQBrowser_Setup_10.5.3869_1100110740.exe
Token: SeSecurityPrivilege	1884	QQBrowser_Setup_10.5.3869_1100110740.exe
Token: SeSecurityPrivilege	1884	QQBrowser_Setup_10.5.3869_1100110740.exe

Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe

pid process

872 30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe

Suspicious use of WriteProcessMemory 18 IoCs

Processes:

30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exeQQBrowser_Setup_10.5.3869_1100110740.exe

description	pid	process	target process
PID 872 wrote to memory of 1884	872	30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
PID 872 wrote to memory of 1884	872	30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
PID 872 wrote to memory of 1884	872	30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
PID 872 wrote to memory of 1884	872	30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
PID 872 wrote to memory of 1884	872	30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
PID 872 wrote to memory of 1884	872	30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
PID 872 wrote to memory of 1884	872	30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe	QQBrowser_Setup_10.5.3869_1100110740.exe
PID 1884 wrote to memory of 588	1884	QQBrowser_Setup_10.5.3869_1100110740.exe	QQBrowser.exe
PID 1884 wrote to memory of 588	1884	QQBrowser_Setup_10.5.3869_1100110740.exe	QQBrowser.exe
PID 1884 wrote to memory of 588	1884	QQBrowser_Setup_10.5.3869_1100110740.exe	QQBrowser.exe
PID 1884 wrote to memory of 588	1884	QQBrowser_Setup_10.5.3869_1100110740.exe	QQBrowser.exe
PID 1884 wrote to memory of 1840	1884	QQBrowser_Setup_10.5.3869_1100110740.exe	regsvr32.exe
PID 1884 wrote to memory of 1840	1884	QQBrowser_Setup_10.5.3869_1100110740.exe	regsvr32.exe
PID 1884 wrote to memory of 1840	1884	QQBrowser_Setup_10.5.3869_1100110740.exe	regsvr32.exe
PID 1884 wrote to memory of 1840	1884	QQBrowser_Setup_10.5.3869_1100110740.exe	regsvr32.exe
PID 1884 wrote to memory of 1840	1884	QQBrowser_Setup_10.5.3869_1100110740.exe	regsvr32.exe
PID 1884 wrote to memory of 1840	1884	QQBrowser_Setup_10.5.3869_1100110740.exe	regsvr32.exe
PID 1884 wrote to memory of 1840	1884	QQBrowser_Setup_10.5.3869_1100110740.exe	regsvr32.exe

C:\Users\Admin\AppData\Local\Temp\30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe
"C:\Users\Admin\AppData\Local\Temp\30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe"
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:872

C:\Users\Admin\AppData\Local\Temp\QQBrowser_Setup_10.5.3869_1100110740.exe
C:\Users\Admin\AppData\Local\Temp/QQBrowser_Setup_10.5.3869_1100110740.exe
2⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks whether UAC is enabled
- Writes to the Master Boot Record (MBR)
- Drops file in Program Files directory
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1884

C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
"C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe" --from-installer --import-topsites --import-cfg
3⤵
- Executes dropped EXE
- Loads dropped DLL
PID:588

C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
"C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe" --from-installer --import-topsites --import-cfg --frame-processstart=1653017010.7026 --disable-gpu-early-init --qua=UFI9UEMmQ089V0JLJlFWPTMmUEw9V0lOJlBCPUdFJlBQVk49MTAuNS4wLjM4NjkmQ09WQz0wNDcwMDAmQ0hJRD00NTQzMSZSTD0xMjgwKjcyMCZNTz1RQiZWRT1HQSZCSVQ9NjQmT1M9Ni4xLjc2MDE= --coopdev --lang=zh-CN --no-first-run --first-launch --qb-browser-process --channel=588.0.635046959 --frame-version=10.5.3869.400 --disable-d3d11 --disable-site-isolation-trials --enable-nacl --enable-features=sync-local-preference,sync-timestamp,qqbrowser-union-enable,use-bookmark-password --force-fieldtrials --disable-gpu-watchdog --allow-outdated-plugins /prefetch:8
4⤵
PID:280

C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
"C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe" --from-installer --import-topsites --import-cfg --frame-processstart=1653017010.7026 --disable-gpu-early-init --qua=UFI9UEMmQ089V0JLJlFWPTMmUEw9V0lOJlBCPUdFJlBQVk49MTAuNS4wLjM4NjkmQ09WQz0wNDcwMDAmQ0hJRD00NTQzMSZSTD0xMjgwKjcyMCZNTz1RQiZWRT1HQSZCSVQ9NjQmT1M9Ni4xLjc2MDE= --coopdev --type=assistant --cred=131072 /prefetch:8
4⤵
PID:572

C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
"C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe" --type=assistant --clipboard /prefetch:8
4⤵
PID:1912

C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
"C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe" --type=assistant --clipboard /prefetch:8
4⤵
PID:1500

C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\webp\WebpDecodeFilter.dll"
3⤵
- Loads dropped DLL
- Modifies registry class
PID:1840

C:\Program Files (x86)\Tencent\QQBrowser\TsService.exe
"C:\Program Files (x86)\Tencent\QQBrowser\TsService.exe" -installandrun
3⤵
PID:632

C:\Windows\SysWOW64\reg.exe
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v xt /f
2⤵
PID:1192

C:\Windows\SysWOW64\cmd.exe
cmd /c del "C:\Users\Admin\AppData\Local\Temp\30f056456e85b4375c34fbfca57a634b28fa3f8f7eb1c258392a83d799f89f72.exe"
2⤵
PID:1224

C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c del "C:\Users\Admin\AppData\Local\Temp\30F056~1.EXE"
2⤵
PID:1808

C:\Program Files (x86)\Tencent\QQBrowser\TsService.exe
"C:\Program Files (x86)\Tencent\QQBrowser\TsService.exe"
1⤵
PID:1096

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Bootkit

T1067

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\F1Assistant.dll
Filesize
5.3MB

MD5
09f90156bcb0f9686ffff2cde3860788

SHA1
e1fb137b7c81cd1f72322956757b729d8985ebbb

SHA256
fd35fef15f2145ac5247133b93a57ebe3f8caad04148d654bc5334833b827b87

SHA512
e2b0eb09ed6d3661a098e7a92069d51a4bc3aa1e69e69ede7d5e76f5be77d7edebd43d9a0917cab8494f5180bdd0b4dcaa23edfe56fa2ec4669d6032657fe5f1

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\F1Frame.dll
Filesize
9.6MB

MD5
e8169de2036f02093f50636b8c3a1f93

SHA1
26746bc7482cbb9e1ec09df8192488cf871fda4d

SHA256
f32f2565d5d9c230095ecdc4da6a8028149b0132a012fa0af1f2c85333a10434

SHA512
5c86579379c7fa5b2c0e56aac9b00a9c320337210057755585f2f1e2fcf91fc8751ddce28e8ed6ba6fae325223f9f8357a0839952cf16225612168a84d8f2b5e

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\FrameLoader.dll
Filesize
329KB

MD5
52a1056177bd7f2ac91cdf5dd6c01866

SHA1
0c75d6edf62a1ebdda63c96bdeeb8acb5132ed3e

SHA256
cbb83ce87ad9d685a2190b4976a57ddaa9de69bcff4e22ec7e45e6c51d921e1b

SHA512
2b0aa482c8fd56e308227d8ec3b7fe4554b47bc4d1b2c549cc0815b8eafcaf029afb4d037d258d925b661f9a89fce92b82507d3774e7fdebab24baed6e1a0815

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\QBClipboard.dll
Filesize
1.2MB

MD5
8f3bfa3aea011616ed6d4576123ab72d

SHA1
31de731bcc0de1052f9d2a99d7f0ab9608faadab

SHA256
583cd9b9e5ac91e01f48c8ccf0629545228d7ff904f016b76656c1f9ebc0cc30

SHA512
b52d4f1e9db6bfc8d8b453c4cf0c274bc89cdabd068d999df4779207228956ff9e15594c7e1c554afbe7a8fbf96229dcf6b54d81af9434b3dc965c5f8212c37d

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\QBSafe.dll
Filesize
368KB

MD5
cbad84f42aa44031511f8d1dff5297c9

SHA1
b7a1d30392fb29a0aef425e2afdfd6126ded4203

SHA256
4f06ecd993de1a299a52ba59388966bdad19c52c4e7c21564153be05c7381f28

SHA512
d471f4c0bb6f8b4a83f4f2c47866b7a3e342f3adbcd190b2d8cd4a6d16842fc9cf2da5d1a663c9135916f9ae48381b6ea77bb4bfe151c3e670baf266f638cd51

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome.dll
Filesize
48.0MB

MD5
79829ec6cb2e4366f2e4b62af812a994

SHA1
12360589f602922e0064db7d815d0284f17e4230

SHA256
e5ddc81cc0d9de9d6ae298ab6fc798e0432f56b9b8d20b743ede9bb44d52122e

SHA512
ca39f3654e429ba188334668120368796fe5d0d362065b105e8dd5a06dcd402ac459cc3df186728f51ed946a9a8821871521e2f73b070a642b8d25b60344908c

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome_elf.dll
Filesize
439KB

MD5
6a78c845c4c3bf55fb4c0297a473ef61

SHA1
a207a317b040e8dd9f72d0bd7a2b30669c4cf19a

SHA256
c30c6bdf3d803f573e41943f02b609cacd319b90fa01dda0bed84e93f4839158

SHA512
a901af5f1d72fc0cc99fd8055538b3ce40779eaf6c4d32494ed87083375ba1f6ae399f226262283d935cc5e5d7eafaabfc53a76ebcc42b739ab4de7e59565433

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\frame_icudtl.dat
Filesize
9.7MB

MD5
bc7f54e4df91c9137dced27976228b66

SHA1
fe532df1de6dd6f9971227b48f8856e07ae0883d

SHA256
51b93e0bc7e6d697ccc29703e2ebc9210c231c931fe764c372e5ba0d26098d3b

SHA512
8fe03a5b65236c90af171f68e911ff307d40f249120ea1c2324e8a7ccf4061ce6ce6dfe66bc957e76bfa7e5161aaa005f40b9be95dc6481df46f25fbae41e14b

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\locales\qb\zh-CN.pak
Filesize
22KB

MD5
67c1a79f89db3e6a10d18f996a084b2a

SHA1
f984bb8df56cceae6309a5e8085376a3f11c28cf

SHA256
719801eb2a60f306c09b9d8e99fb024d2a281d2e5714c5d90077008c1dfa48e3

SHA512
f7a8c44c2cb25459455faf99bf967405e73377ce7192738e8921310c7753443d8355c2205776339f112f93954797240e0353cfa8bdbd299393e55b659e44675c

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\qb_100_percent.pak
Filesize
2.2MB

MD5
5538e5a916ac98c7cda4ca60fcd2ab19

SHA1
8584ef76f8a8c0e08e424208cce1a6633d3c13a5

SHA256
939314da6b9ff684d946784190574c1084cefcab5d66cf7d8d3e4f933c8c56d3

SHA512
6d9f2e4a13a923093abb03849de2326e735b89d0c0608b5623fc9d7c8bdaa827c566b7d107d37f33c71c5e40ddfa503c72c3891a614bd37f5d173f580a7b664c

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\qb_200_percent.pak
Filesize
6.0MB

MD5
ac98da0b53e6f174468f4cddd9884186

SHA1
36367dc468d3ece72f1454d889fef5cdda66cd95

SHA256
bca5617785e08113414408e54114b5194b85a18866a33d37f829bf1454a45e32

SHA512
bb4a76a465679fe418a1864161656bdede2b8315e171590eb1098eefeeab14878ebcaa6899e70330668c70ec65f9322663be214a54a2e9f54f59d7851aacf684

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\webp\WebpDecodeFilter.dll
Filesize
185KB

MD5
6f069180da502b676d0b5c3cb0f5d09d

SHA1
5e8219473af1347a2a7c756fa5641d1f57f7262c

SHA256
cf3232a4e7fee0279ee7b6a6086393282cb7ec9ed3088832777336bcac380bd0

SHA512
07a8e8e84b9954b5e6241bdb42d7cacd6101c9b1a0b9dfd505b2e2dd80b234132d59bd8841bbf0ae003cefb19fccb0f4978dd4c269751a974841c2ebfd1216f3

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
Filesize
1.2MB

MD5
10439e73fcfdad3621508f5a6a190087

SHA1
91e3ac18cfe53842376ca5e56217625651bfed4e

SHA256
9bf0940f43de65e03a54322e373a37c88067d3e32a551db880300d6ab6516d2d

SHA512
e6b12885cb1511fe0b7141e6f6431156504c23bb5b0e67284ce9d9bbc9a1556abe95f6d8ebfa799776395fa8b5f4dcd0aa43eb553179040e5380da9ea20e326b

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
Filesize
1.2MB

MD5
10439e73fcfdad3621508f5a6a190087

SHA1
91e3ac18cfe53842376ca5e56217625651bfed4e

SHA256
9bf0940f43de65e03a54322e373a37c88067d3e32a551db880300d6ab6516d2d

SHA512
e6b12885cb1511fe0b7141e6f6431156504c23bb5b0e67284ce9d9bbc9a1556abe95f6d8ebfa799776395fa8b5f4dcd0aa43eb553179040e5380da9ea20e326b

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
Filesize
1.2MB

MD5
10439e73fcfdad3621508f5a6a190087

SHA1
91e3ac18cfe53842376ca5e56217625651bfed4e

SHA256
9bf0940f43de65e03a54322e373a37c88067d3e32a551db880300d6ab6516d2d

SHA512
e6b12885cb1511fe0b7141e6f6431156504c23bb5b0e67284ce9d9bbc9a1556abe95f6d8ebfa799776395fa8b5f4dcd0aa43eb553179040e5380da9ea20e326b

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
Filesize
1.2MB

MD5
10439e73fcfdad3621508f5a6a190087

SHA1
91e3ac18cfe53842376ca5e56217625651bfed4e

SHA256
9bf0940f43de65e03a54322e373a37c88067d3e32a551db880300d6ab6516d2d

SHA512
e6b12885cb1511fe0b7141e6f6431156504c23bb5b0e67284ce9d9bbc9a1556abe95f6d8ebfa799776395fa8b5f4dcd0aa43eb553179040e5380da9ea20e326b

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
Filesize
1.2MB

MD5
10439e73fcfdad3621508f5a6a190087

SHA1
91e3ac18cfe53842376ca5e56217625651bfed4e

SHA256
9bf0940f43de65e03a54322e373a37c88067d3e32a551db880300d6ab6516d2d

SHA512
e6b12885cb1511fe0b7141e6f6431156504c23bb5b0e67284ce9d9bbc9a1556abe95f6d8ebfa799776395fa8b5f4dcd0aa43eb553179040e5380da9ea20e326b

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\TsService.exe
Filesize
2.1MB

MD5
87bb76b3a49b7528e8a5e08f0633be48

SHA1
ff7dee8dc611e66d7481646c08d7b149649a7711

SHA256
488739ffdd7996cc22013c5541d190a2181c499280acc78845823b25eba52af3

SHA512
13b3c680aee77075c5b949862984dffac17461ba21e16e5f91472b196603331147ae27c1adef1c00f36f10b00cb4158a61a04b3929bb393f39ad1b9c349d637a

Download Submit
C:\Program Files (x86)\Tencent\QQBrowser\TsService.exe
Filesize
2.1MB

MD5
87bb76b3a49b7528e8a5e08f0633be48

SHA1
ff7dee8dc611e66d7481646c08d7b149649a7711

SHA256
488739ffdd7996cc22013c5541d190a2181c499280acc78845823b25eba52af3

SHA512
13b3c680aee77075c5b949862984dffac17461ba21e16e5f91472b196603331147ae27c1adef1c00f36f10b00cb4158a61a04b3929bb393f39ad1b9c349d637a

Download Submit
C:\Users\Admin\AppData\Local\Temp\QQBrowser_Setup_10.5.3869_1100110740.exe
Filesize
78.9MB

MD5
282dc7b3c792de1cb65f59602f394e28

SHA1
0a6f0a6f22534ef90282ba94d6562ffd0780e5e5

SHA256
f439e5cb87d8c25913cbadb6a57b41b725ee526dedc24c1c26678bf5c4f1f078

SHA512
fcf2c1df37adaa6ae650964d541622a7c63f96937c691614773dff8a14b580c287dc4e751326966399ddc02d36fde0abb72e267bb1343f6aa4bf4c07e7f3b324

Download Submit
C:\Users\Admin\AppData\Local\Temp\QQBrowser_Setup_10.5.3869_1100110740.exe
Filesize
78.9MB

MD5
282dc7b3c792de1cb65f59602f394e28

SHA1
0a6f0a6f22534ef90282ba94d6562ffd0780e5e5

SHA256
f439e5cb87d8c25913cbadb6a57b41b725ee526dedc24c1c26678bf5c4f1f078

SHA512
fcf2c1df37adaa6ae650964d541622a7c63f96937c691614773dff8a14b580c287dc4e751326966399ddc02d36fde0abb72e267bb1343f6aa4bf4c07e7f3b324

Download Submit
C:\Users\Admin\AppData\Local\Tencent\QQBrowser\User Data\Default\.beacon_analytics.db
Filesize
12KB

MD5
88f506674d402c9d47f6771e81e5e8fe

SHA1
b609e16ff4f6929386ecdcda80a2c0d2d38455f7

SHA256
dcdced501e00ce528f26df956b0ef8e1f015d73998fa9d7f83175c7adbdeefdd

SHA512
165a5714cc85ff0f3229d638ecbe98c021fba451647c740ba910b92944ab0e1ef9602ea1239b5a07b251ec180a71b63ead3abf78a85ad1358d230dcfa86ae725

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\QQBrowser\BookmarkIcon\files\1b2534c7da6f692bf01850315c45e5b5.png
Filesize
566B

MD5
09216a616a9922a8698626583f5ecd30

SHA1
d39708af5c03028ced6b8353c7d918a5bbf53645

SHA256
31f28829f3648c41f1f9fb4dcc9e5cfaddfd36f637737b561874ca8fda5cb774

SHA512
40014b9825d53c92de0ffe05c359195427b82dba58afa22c4dfbc9c11fc3fb5f018db325f0073c25d9c93ba5c04236d75fa11c9cb89c2470ecace5b241a9776d

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\QQBrowser\BookmarkIcon\files\2b1d69c2e1a70939f6163ee545330992.png
Filesize
333B

MD5
4c5f9a7fda25bf07887d82706194cbda

SHA1
4d955328e10cd40c52591fad7a87a28ae143feb6

SHA256
bd86425fee9db65f7454dfefa7d5a2314ac078c9c01688c79c024546c619b2f8

SHA512
cda84252acf1cd1cdd3721d13d923a78c60f4a7de983fc6e5c961a3e534dc4f63819c1aba57c925d643e09068fb1065f3884c9e87c9028bcead530897952c168

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\QQBrowser\BookmarkIcon\files\3c8b38357b235327444b54c05fbcd7c8.png
Filesize
536B

MD5
31a76929350f555271f30ebd79051dfb

SHA1
8d3bb3da5011707549d28f82fe77be158c3f54b3

SHA256
445e0e3366b2918ce5c50d6dd9c16a51813554e154d2c12e94d007dcaebd0473

SHA512
63ef3bda7306e01ff09afd28fcc2043ba0a84eda291e684b6a755e9b9f644fd7d7a5f6bf9c05c9f44c81d5728bb7f0fc6a11d57edabefb359c0f6c5fde4bee33

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\QQBrowser\BookmarkIcon\files\80bda61e75c73b68471b260a70b6cabd.png
Filesize
1KB

MD5
4d39f397bef1f32bfe6a753c84734a84

SHA1
3b4e7e31c5ed402d09dff7d89450389b3ae3c11d

SHA256
8d2916f0c2cba1c72643b8edfde5aebf07f20af81a856b1185b59e431c5adfd6

SHA512
188acec8f26c2771d4af958eb41f2955c82def510b432148efcaef8b87c06b6af803115de2d2ef5a0b960d3a294f0a87ba5f7b1bd1cb14fae01c8c71ecdb5261

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\QQBrowser\BookmarkIcon\files\b415aeecf9dbf0e1bb9117bc1b734fb9.png
Filesize
158B

MD5
d554ef813f3ee1e26ce6c36bdb0aa16e

SHA1
2fecacbc10cafde906f1444d619e24acdd993151

SHA256
6ee8c47fdc646b61b0bb7fc6a3094146f5f79415e777ea63e2825a3f931a693a

SHA512
3a0336edd4a0b82cbd74a0c225dfb73e8c54126530a05d0f2dcd21361bece3de2c6075c1cc0831a3e86199791a8b6e8a6aadbb7791d00d3f1b5ac5f060f006a7

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\QQBrowser\BookmarkIcon\files\b89358b2f1665f2f90bb751cdf5098d0.png
Filesize
1KB

MD5
0d39d35f0e9aeebdfb03d2fa34bdf62b

SHA1
c68976ea3f1734490cb393cff2c8a2c0b8355ce5

SHA256
b3e0244051048d30a6e974e59203bb1a2d7c13c678a0d5426ded664cb4a83c11

SHA512
6d0ea621c8a734f5bc2de15dc4ef9e78ee63fb12324403fc8b9bfe0a0f6a001c84011e99e34166e66f85625c39365c7dd294d66aa76bf113b3f77db01c6dc609

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\QQBrowser\BookmarkIcon\files\d930077161dfb5d5b40143cd0e7b3ff0.png
Filesize
927B

MD5
3f5d6f0ce95c0b0a4b32526845599d79

SHA1
0ca87cacf7664e7083c9a3f571b9d46e76fec98c

SHA256
077c36d0e26b51552262c35c8d55d123b3dd602e0ce734ad687ccaf0126739d7

SHA512
7526009905a6ffb1b86b8fbfef4d6f2f816b61a463ebfd1ed0f65d3cc05fe63013a2f257a7f149ded0c20e3b9a49382b5cc43dca5954f08250416ca95b0fc583

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\QQBrowser\BookmarkIcon\files\ed52547265346e41d8f4c164d7699604.png
Filesize
239B

MD5
ae300fbc26a2a85e8bbdd6c98343ef3c

SHA1
903844ae080c025c687e99b57d17900c5ef55e07

SHA256
e1ea2b5c0bcd0511e017d06fb1f48fcfc93fcc0a5ba9f0ef5f3eb54d4f52853c

SHA512
8176a81a9d81bbc53735e9dedd795e37231018f4fca5a17af3b52cebc61398333cf74011b9d688e28d67617656e2b7290fffcc4c9bffd6108b2489d2a352de51

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\QQBrowser\TradeBookmark\current.zip
Filesize
1KB

MD5
17767bd7af9fd79359a7194b26cf104a

SHA1
e5eff4fb221bc678a25a6fceaebe65b1e98cc945

SHA256
c77fde139d5c3fbea5ea7f8082117bbe394200ae5a8a954e0da0a59f3708db62

SHA512
8c446ab803dc8407095b3cf8878b63e5364d763dd3cc3156653fe3d7fa394d8de2c9561cbc038a32ba2ca100158678bf4602ae95734146445e8e34b90085bcd1

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\QQBrowser\TradeBookmark\extension.zip
Filesize
3KB

MD5
4a7b62936ae5741e1b540f5ee91078c3

SHA1
56caed6a8968513417cd47d169e0f35ea1641e18

SHA256
cce402e7132951d3266f49a88440197d856cf6bdba8eceb8b8cc0aba9036109b

SHA512
61778cbfa1be52475cabe59997820f97f0a8be38d378688a4387a2632e157d2990b795865d80fc1046d48cb4aac1e659185b777c7a86c42cbefa7a7ba355a66f

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\QQBrowser\ksdbcfg\dbinfo
Filesize
792B

MD5
41375c903442eb29ae9b9ba2d2209cb3

SHA1
d377d847e54f20880ec65e9528349eedf7152ef5

SHA256
dbb86075170df4df767f18caa6987fb220b4d19622ac07629a1967cc88300721

SHA512
b51b2fd761c400de8d2291bce05bb5d67e0ac26feb89b05e77eac8bdb9c2bb48b24aa2f765e91677a857a51bdba76cfdc1d7b89f816da73c787a12fd95a0ccfd

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\F1Assistant.dll
Filesize
5.3MB

MD5
09f90156bcb0f9686ffff2cde3860788

SHA1
e1fb137b7c81cd1f72322956757b729d8985ebbb

SHA256
fd35fef15f2145ac5247133b93a57ebe3f8caad04148d654bc5334833b827b87

SHA512
e2b0eb09ed6d3661a098e7a92069d51a4bc3aa1e69e69ede7d5e76f5be77d7edebd43d9a0917cab8494f5180bdd0b4dcaa23edfe56fa2ec4669d6032657fe5f1

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\F1Assistant.dll
Filesize
5.3MB

MD5
09f90156bcb0f9686ffff2cde3860788

SHA1
e1fb137b7c81cd1f72322956757b729d8985ebbb

SHA256
fd35fef15f2145ac5247133b93a57ebe3f8caad04148d654bc5334833b827b87

SHA512
e2b0eb09ed6d3661a098e7a92069d51a4bc3aa1e69e69ede7d5e76f5be77d7edebd43d9a0917cab8494f5180bdd0b4dcaa23edfe56fa2ec4669d6032657fe5f1

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\F1Frame.dll
Filesize
9.6MB

MD5
e8169de2036f02093f50636b8c3a1f93

SHA1
26746bc7482cbb9e1ec09df8192488cf871fda4d

SHA256
f32f2565d5d9c230095ecdc4da6a8028149b0132a012fa0af1f2c85333a10434

SHA512
5c86579379c7fa5b2c0e56aac9b00a9c320337210057755585f2f1e2fcf91fc8751ddce28e8ed6ba6fae325223f9f8357a0839952cf16225612168a84d8f2b5e

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\F1Frame.dll
Filesize
9.6MB

MD5
e8169de2036f02093f50636b8c3a1f93

SHA1
26746bc7482cbb9e1ec09df8192488cf871fda4d

SHA256
f32f2565d5d9c230095ecdc4da6a8028149b0132a012fa0af1f2c85333a10434

SHA512
5c86579379c7fa5b2c0e56aac9b00a9c320337210057755585f2f1e2fcf91fc8751ddce28e8ed6ba6fae325223f9f8357a0839952cf16225612168a84d8f2b5e

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\F1Frame.dll
Filesize
9.6MB

MD5
e8169de2036f02093f50636b8c3a1f93

SHA1
26746bc7482cbb9e1ec09df8192488cf871fda4d

SHA256
f32f2565d5d9c230095ecdc4da6a8028149b0132a012fa0af1f2c85333a10434

SHA512
5c86579379c7fa5b2c0e56aac9b00a9c320337210057755585f2f1e2fcf91fc8751ddce28e8ed6ba6fae325223f9f8357a0839952cf16225612168a84d8f2b5e

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\FrameLoader.dll
Filesize
329KB

MD5
52a1056177bd7f2ac91cdf5dd6c01866

SHA1
0c75d6edf62a1ebdda63c96bdeeb8acb5132ed3e

SHA256
cbb83ce87ad9d685a2190b4976a57ddaa9de69bcff4e22ec7e45e6c51d921e1b

SHA512
2b0aa482c8fd56e308227d8ec3b7fe4554b47bc4d1b2c549cc0815b8eafcaf029afb4d037d258d925b661f9a89fce92b82507d3774e7fdebab24baed6e1a0815

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\FrameLoader.dll
Filesize
329KB

MD5
52a1056177bd7f2ac91cdf5dd6c01866

SHA1
0c75d6edf62a1ebdda63c96bdeeb8acb5132ed3e

SHA256
cbb83ce87ad9d685a2190b4976a57ddaa9de69bcff4e22ec7e45e6c51d921e1b

SHA512
2b0aa482c8fd56e308227d8ec3b7fe4554b47bc4d1b2c549cc0815b8eafcaf029afb4d037d258d925b661f9a89fce92b82507d3774e7fdebab24baed6e1a0815

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\FrameLoader.dll
Filesize
329KB

MD5
52a1056177bd7f2ac91cdf5dd6c01866

SHA1
0c75d6edf62a1ebdda63c96bdeeb8acb5132ed3e

SHA256
cbb83ce87ad9d685a2190b4976a57ddaa9de69bcff4e22ec7e45e6c51d921e1b

SHA512
2b0aa482c8fd56e308227d8ec3b7fe4554b47bc4d1b2c549cc0815b8eafcaf029afb4d037d258d925b661f9a89fce92b82507d3774e7fdebab24baed6e1a0815

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\QBSafe.dll
Filesize
368KB

MD5
cbad84f42aa44031511f8d1dff5297c9

SHA1
b7a1d30392fb29a0aef425e2afdfd6126ded4203

SHA256
4f06ecd993de1a299a52ba59388966bdad19c52c4e7c21564153be05c7381f28

SHA512
d471f4c0bb6f8b4a83f4f2c47866b7a3e342f3adbcd190b2d8cd4a6d16842fc9cf2da5d1a663c9135916f9ae48381b6ea77bb4bfe151c3e670baf266f638cd51

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome.dll
Filesize
17.2MB

MD5
2f354c79f55e26d9926896fc775037b8

SHA1
8028c1a7d97ecbe0cca8971d7f76eae0c1bf8a42

SHA256
807c77969941e45bbe08f7523ae8a38c1a95b5af1ad5659653d54956464d6bcc

SHA512
a0c0744e038f94aec6315cd1331105385aa0c2484dd96ff71bb19ce8f11f9cc4c5ebe114587b0397556c6e85f00104b2e2e02abec6f92820c9889947cc1d31d9

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome.dll
Filesize
48.0MB

MD5
79829ec6cb2e4366f2e4b62af812a994

SHA1
12360589f602922e0064db7d815d0284f17e4230

SHA256
e5ddc81cc0d9de9d6ae298ab6fc798e0432f56b9b8d20b743ede9bb44d52122e

SHA512
ca39f3654e429ba188334668120368796fe5d0d362065b105e8dd5a06dcd402ac459cc3df186728f51ed946a9a8821871521e2f73b070a642b8d25b60344908c

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome.dll
Filesize
48.0MB

MD5
79829ec6cb2e4366f2e4b62af812a994

SHA1
12360589f602922e0064db7d815d0284f17e4230

SHA256
e5ddc81cc0d9de9d6ae298ab6fc798e0432f56b9b8d20b743ede9bb44d52122e

SHA512
ca39f3654e429ba188334668120368796fe5d0d362065b105e8dd5a06dcd402ac459cc3df186728f51ed946a9a8821871521e2f73b070a642b8d25b60344908c

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome_elf.dll
Filesize
439KB

MD5
6a78c845c4c3bf55fb4c0297a473ef61

SHA1
a207a317b040e8dd9f72d0bd7a2b30669c4cf19a

SHA256
c30c6bdf3d803f573e41943f02b609cacd319b90fa01dda0bed84e93f4839158

SHA512
a901af5f1d72fc0cc99fd8055538b3ce40779eaf6c4d32494ed87083375ba1f6ae399f226262283d935cc5e5d7eafaabfc53a76ebcc42b739ab4de7e59565433

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome_elf.dll
Filesize
439KB

MD5
6a78c845c4c3bf55fb4c0297a473ef61

SHA1
a207a317b040e8dd9f72d0bd7a2b30669c4cf19a

SHA256
c30c6bdf3d803f573e41943f02b609cacd319b90fa01dda0bed84e93f4839158

SHA512
a901af5f1d72fc0cc99fd8055538b3ce40779eaf6c4d32494ed87083375ba1f6ae399f226262283d935cc5e5d7eafaabfc53a76ebcc42b739ab4de7e59565433

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome_elf.dll
Filesize
439KB

MD5
6a78c845c4c3bf55fb4c0297a473ef61

SHA1
a207a317b040e8dd9f72d0bd7a2b30669c4cf19a

SHA256
c30c6bdf3d803f573e41943f02b609cacd319b90fa01dda0bed84e93f4839158

SHA512
a901af5f1d72fc0cc99fd8055538b3ce40779eaf6c4d32494ed87083375ba1f6ae399f226262283d935cc5e5d7eafaabfc53a76ebcc42b739ab4de7e59565433

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome_elf.dll
Filesize
439KB

MD5
6a78c845c4c3bf55fb4c0297a473ef61

SHA1
a207a317b040e8dd9f72d0bd7a2b30669c4cf19a

SHA256
c30c6bdf3d803f573e41943f02b609cacd319b90fa01dda0bed84e93f4839158

SHA512
a901af5f1d72fc0cc99fd8055538b3ce40779eaf6c4d32494ed87083375ba1f6ae399f226262283d935cc5e5d7eafaabfc53a76ebcc42b739ab4de7e59565433

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\chrome_elf.dll
Filesize
439KB

MD5
6a78c845c4c3bf55fb4c0297a473ef61

SHA1
a207a317b040e8dd9f72d0bd7a2b30669c4cf19a

SHA256
c30c6bdf3d803f573e41943f02b609cacd319b90fa01dda0bed84e93f4839158

SHA512
a901af5f1d72fc0cc99fd8055538b3ce40779eaf6c4d32494ed87083375ba1f6ae399f226262283d935cc5e5d7eafaabfc53a76ebcc42b739ab4de7e59565433

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\driver\TsQBDrvDll.dll
Filesize
107KB

MD5
fa8c9e95d8131746021981204bb24c03

SHA1
9376312d76750816597d92c8b36e57d41937bff5

SHA256
44353e1a7e8aaa564e53daa0285c5784b4707636c34da28e0c8d8a219279b529

SHA512
e0d2ee6cd34bcce44c30cae9fdda9ef962179449fb68a12a49caed92c97a7ea075517bbc2d91ddf81121bbed08e1e614adc67e0ae925923261eadf8d8907888c

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\driver\TsQBDrvDll.dll
Filesize
107KB

MD5
fa8c9e95d8131746021981204bb24c03

SHA1
9376312d76750816597d92c8b36e57d41937bff5

SHA256
44353e1a7e8aaa564e53daa0285c5784b4707636c34da28e0c8d8a219279b529

SHA512
e0d2ee6cd34bcce44c30cae9fdda9ef962179449fb68a12a49caed92c97a7ea075517bbc2d91ddf81121bbed08e1e614adc67e0ae925923261eadf8d8907888c

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\driver\amd64\tsqbdrv.sys
Filesize
190KB

MD5
4212456d4a6919df9fde080538d3f6b7

SHA1
0216a0e726f2c2bdeec0c1ef45ac6fe675507e65

SHA256
7182266bbe670c7e27da6092f5c38f849f0ff9700fc8cbc2640d1fa36013536e

SHA512
e9760e3f75d9e3f4533371e1ca0ebeb4cdbc9bbde3589f9b2b13377b258e5a72cd0ae8c5a67522a2ce3ef084c0266e578d85ddd3c2eb3a3bd21fca86fd89846f

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\driver\amd64\tsqbdrv.sys
Filesize
190KB

MD5
4212456d4a6919df9fde080538d3f6b7

SHA1
0216a0e726f2c2bdeec0c1ef45ac6fe675507e65

SHA256
7182266bbe670c7e27da6092f5c38f849f0ff9700fc8cbc2640d1fa36013536e

SHA512
e9760e3f75d9e3f4533371e1ca0ebeb4cdbc9bbde3589f9b2b13377b258e5a72cd0ae8c5a67522a2ce3ef084c0266e578d85ddd3c2eb3a3bd21fca86fd89846f

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\webp\WebpDecodeFilter.dll
Filesize
185KB

MD5
6f069180da502b676d0b5c3cb0f5d09d

SHA1
5e8219473af1347a2a7c756fa5641d1f57f7262c

SHA256
cf3232a4e7fee0279ee7b6a6086393282cb7ec9ed3088832777336bcac380bd0

SHA512
07a8e8e84b9954b5e6241bdb42d7cacd6101c9b1a0b9dfd505b2e2dd80b234132d59bd8841bbf0ae003cefb19fccb0f4978dd4c269751a974841c2ebfd1216f3

Download Submit
\Program Files (x86)\Tencent\QQBrowser\10.5.3869.400\webp\WebpDecodeFilter.dll
Filesize
185KB

MD5
6f069180da502b676d0b5c3cb0f5d09d

SHA1
5e8219473af1347a2a7c756fa5641d1f57f7262c

SHA256
cf3232a4e7fee0279ee7b6a6086393282cb7ec9ed3088832777336bcac380bd0

SHA512
07a8e8e84b9954b5e6241bdb42d7cacd6101c9b1a0b9dfd505b2e2dd80b234132d59bd8841bbf0ae003cefb19fccb0f4978dd4c269751a974841c2ebfd1216f3

Download Submit
\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
Filesize
1.2MB

MD5
10439e73fcfdad3621508f5a6a190087

SHA1
91e3ac18cfe53842376ca5e56217625651bfed4e

SHA256
9bf0940f43de65e03a54322e373a37c88067d3e32a551db880300d6ab6516d2d

SHA512
e6b12885cb1511fe0b7141e6f6431156504c23bb5b0e67284ce9d9bbc9a1556abe95f6d8ebfa799776395fa8b5f4dcd0aa43eb553179040e5380da9ea20e326b

Download Submit
\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
Filesize
1.2MB

MD5
10439e73fcfdad3621508f5a6a190087

SHA1
91e3ac18cfe53842376ca5e56217625651bfed4e

SHA256
9bf0940f43de65e03a54322e373a37c88067d3e32a551db880300d6ab6516d2d

SHA512
e6b12885cb1511fe0b7141e6f6431156504c23bb5b0e67284ce9d9bbc9a1556abe95f6d8ebfa799776395fa8b5f4dcd0aa43eb553179040e5380da9ea20e326b

Download Submit
\Program Files (x86)\Tencent\QQBrowser\QQBrowser.exe
Filesize
1.2MB

MD5
10439e73fcfdad3621508f5a6a190087

SHA1
91e3ac18cfe53842376ca5e56217625651bfed4e

SHA256
9bf0940f43de65e03a54322e373a37c88067d3e32a551db880300d6ab6516d2d

SHA512
e6b12885cb1511fe0b7141e6f6431156504c23bb5b0e67284ce9d9bbc9a1556abe95f6d8ebfa799776395fa8b5f4dcd0aa43eb553179040e5380da9ea20e326b

Download Submit
\Program Files (x86)\Tencent\QQBrowser\TsService.exe
Filesize
2.1MB

MD5
87bb76b3a49b7528e8a5e08f0633be48

SHA1
ff7dee8dc611e66d7481646c08d7b149649a7711

SHA256
488739ffdd7996cc22013c5541d190a2181c499280acc78845823b25eba52af3

SHA512
13b3c680aee77075c5b949862984dffac17461ba21e16e5f91472b196603331147ae27c1adef1c00f36f10b00cb4158a61a04b3929bb393f39ad1b9c349d637a

Download Submit
\Program Files (x86)\Tencent\QQBrowser\uninst.exe
Filesize
616KB

MD5
3c6593fc8a8f1babe61551c06954234f

SHA1
d889e7e9e6186f959543c8eb0a5c78d72d06e69e

SHA256
8cb83d6a61dc92102f2752180f54ecb2667ea6675f701f28182ad5b1e91a5841

SHA512
5243d81b1cdf702f8364123ea8c6705eb738a9583fd8a69e7d77d8c94ce12730343c3e7410c7a9d644fbbd17abe4b0fb54cbac5f75931b5591ece39400b40878

Download Submit
\Users\Admin\AppData\Local\Temp\14ab6cad70\bin\QQBrowser.exe
Filesize
1.2MB

MD5
10439e73fcfdad3621508f5a6a190087

SHA1
91e3ac18cfe53842376ca5e56217625651bfed4e

SHA256
9bf0940f43de65e03a54322e373a37c88067d3e32a551db880300d6ab6516d2d

SHA512
e6b12885cb1511fe0b7141e6f6431156504c23bb5b0e67284ce9d9bbc9a1556abe95f6d8ebfa799776395fa8b5f4dcd0aa43eb553179040e5380da9ea20e326b

Download Submit
\Users\Admin\AppData\Local\Temp\14ab6cad70\bin\QQBrowser.exe
Filesize
1.2MB

MD5
10439e73fcfdad3621508f5a6a190087

SHA1
91e3ac18cfe53842376ca5e56217625651bfed4e

SHA256
9bf0940f43de65e03a54322e373a37c88067d3e32a551db880300d6ab6516d2d

SHA512
e6b12885cb1511fe0b7141e6f6431156504c23bb5b0e67284ce9d9bbc9a1556abe95f6d8ebfa799776395fa8b5f4dcd0aa43eb553179040e5380da9ea20e326b

Download Submit
\Users\Admin\AppData\Local\Temp\QQBrowser_Setup_10.5.3869_1100110740.exe
Filesize
78.9MB

MD5
282dc7b3c792de1cb65f59602f394e28

SHA1
0a6f0a6f22534ef90282ba94d6562ffd0780e5e5

SHA256
f439e5cb87d8c25913cbadb6a57b41b725ee526dedc24c1c26678bf5c4f1f078

SHA512
fcf2c1df37adaa6ae650964d541622a7c63f96937c691614773dff8a14b580c287dc4e751326966399ddc02d36fde0abb72e267bb1343f6aa4bf4c07e7f3b324

Download Submit
memory/280-182-0x0000000000F30000-0x0000000001065000-memory.dmp

Filesize
1.2MB

Download
memory/280-108-0x0000000000000000-mapping.dmp

Download
memory/572-104-0x0000000000000000-mapping.dmp

Download
memory/572-136-0x0000000002720000-0x0000000002C78000-memory.dmp

Filesize
5.3MB

Download
memory/572-148-0x0000000003630000-0x0000000003FD8000-memory.dmp

Filesize
9.7MB

Download
memory/588-87-0x000000006FFF0000-0x0000000070000000-memory.dmp

Filesize
64KB

Download
memory/588-98-0x000000006FFE0000-0x000000006FFF0000-memory.dmp

Filesize
64KB

Download
memory/588-88-0x000000006FFF0000-0x0000000070000000-memory.dmp

Filesize
64KB

Download
memory/588-89-0x000000006FFF0000-0x0000000070000000-memory.dmp

Filesize
64KB

Download
memory/588-90-0x000000006FFF0000-0x0000000070000000-memory.dmp

Filesize
64KB

Download
memory/588-91-0x000000006FFF0000-0x0000000070000000-memory.dmp

Filesize
64KB

Download
memory/588-73-0x0000000000000000-mapping.dmp

Download
memory/588-101-0x000000006FFD0000-0x000000006FFE0000-memory.dmp

Filesize
64KB

Download
memory/588-94-0x0000000002720000-0x00000000030C8000-memory.dmp

Filesize
9.7MB

Download
memory/588-97-0x000000006FFE0000-0x000000006FFF0000-memory.dmp

Filesize
64KB

Download
memory/632-122-0x0000000000000000-mapping.dmp

Download
memory/872-56-0x00000000768D1000-0x00000000768D3000-memory.dmp

Filesize
8KB

Download
memory/1192-183-0x0000000000000000-mapping.dmp

Download
memory/1224-184-0x0000000000000000-mapping.dmp

Download
memory/1500-152-0x0000000000000000-mapping.dmp

Download
memory/1840-78-0x0000000000000000-mapping.dmp

Download
memory/1884-58-0x0000000000000000-mapping.dmp

Download
memory/1884-62-0x000000006FFF0000-0x0000000070000000-memory.dmp

Filesize
64KB

Download
memory/1884-178-0x0000000007B80000-0x0000000007C43000-memory.dmp

Filesize
780KB

Download
memory/1884-180-0x0000000007B80000-0x0000000007C43000-memory.dmp

Filesize
780KB

Download
memory/1884-72-0x000000006FFE0000-0x000000006FFF0000-memory.dmp

Filesize
64KB

Download
memory/1912-142-0x0000000000000000-mapping.dmp

Download