Analysis

  • max time kernel
    185s
  • max time network
    205s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
  • submitted
    24-11-2022 11:50

General

  • Target

    qwbackdate/qwbackdate/千万备份器V1.1注册机.exe

  • Size

    18KB

  • MD5

    450cbe05404a21e6c13182997089ba93

  • SHA1

    363e2920050acf0acb68a974c16cc503882f9a8c

  • SHA256

    874be8af18427060b9e124acec9162297e9c83c9822b6f9607a522614c4abba3

  • SHA512

    4d3d16710a561060cf2343079540c4cef0b523b16bceacdb142a371aa9ace847215080572daa0b24565033a61a179555e7e8490ff6265df0cad576d5d2c34441

  • SSDEEP

    384:be00crMPJYnXTy8dDQoe7VDZ4Pa8b39z966:a00cAP6nDy8d0phDZ4P19z96

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\qwbackdate\qwbackdate\千万备份器V1.1注册机.exe
    "C:\Users\Admin\AppData\Local\Temp\qwbackdate\qwbackdate\千万备份器V1.1注册机.exe"
    1⤵
      PID:368

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/368-132-0x0000000000400000-0x0000000000410000-memory.dmp

      Filesize

      64KB

    • memory/368-133-0x0000000000400000-0x0000000000410000-memory.dmp

      Filesize

      64KB