f8fdbb04a7861372c6c88be412337640f0e6ffa7987fa006e8502209eb27793b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f8fdbb04a7861372c6c88be412337640f0e6ffa7987fa006e8502209eb27793b
Size

1.2MB
Sample

221127-asbwtsba8z
MD5

e26ea4ffc6b15619d4b321b79a0084ae
SHA1

ce631d63ae0e2505f1362606eae2ad3163a3c00c
SHA256

f8fdbb04a7861372c6c88be412337640f0e6ffa7987fa006e8502209eb27793b
SHA512

0f97181003bce75067a371144faa1db51d02dbfb8fbc0f72d2a13b560708dbc29d78c1df28fd461d8f7e64508a02e349fe766556f7d038562c4fe0721ebdf14b
SSDEEP

24576:TV5j4z5xwREsr9Z9uyjNeY21ptzIL4r0jDvtvL5ok8sDhbSDXl7lpn:bj4Vxw6srdLAz+4r0jLN5okzhuPp

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  sqtrayPro/)!访问我们的网站!！.url
- Size
  
  259B
- MD5
  
  2eb285255ac0fa2ba9ec5e706a821df4
- SHA1
  
  b959dcb4902046cd87aaac7ab054655524f439e8
- SHA256
  
  76b5a0b5e107c192850301650e0b9dd94eb8ea06f0fa93e04eeb29db67ee6414
- SHA512
  
  686ab8e052298aa66dc97f4f816c785917bd75c5e7de948d1b8f4f0d3edfaff331b6e71a79d48551a119f6e70d0c55895b35aabffb18704e972e6b8faeabdd66
Score

1^/10
behavioral1 behavioral2
- Target
  
  sqtrayPro/Qvs影像文件播放器/QVPlayer.exe
- Size
  
  449KB
- MD5
  
  9f9e0ae0ea4ed7d1d284b9055dece418
- SHA1
  
  3faa7923b7e1e0769b7116414313b0d3105389da
- SHA256
  
  500b6dc3ef8da15cfd55a31b7deba81a3bac398d74ab49564d489e68d937ebb0
- SHA512
  
  488a96a3a6ac3d22e8f33e2ae5bd61c69ad8059cef370482d209db1d444b8da38b8687a6d3186f8187811a7f155580dd454a1ffc2ec90b95635589c817e80167
- SSDEEP
  
  6144:2sNVX8x70PvnFoCnM4Tl5lZRCif9hGRPR+q6LxARKacdTfkqEP2W4OhUpqOUJFNP:xNVMZ0fFoqfDlbGT+4MdDk9MpgG
Score

1^/10
behavioral3 behavioral4
- Target
  
  sqtrayPro/sqtray.exe
- Size
  
  528KB
- MD5
  
  ab810e9731f4699dffdfe0e7ea064e34
- SHA1
  
  4ed7ae7904158edea681d9548ed8f9d3e9c12e07
- SHA256
  
  41d3e5f710b3fef187529547995e44c804904b12734a1af858976e1ddc6c515d
- SHA512
  
  a2a0040af99505137563ac6d95308cc77557733a7e23b4e2c216a7b93e721f590c416f8c5cbe448df9bffb7936899a8a430dde5e042511945355aa141e717f24
- SSDEEP
  
  12288:gYM78OBpwb6jCZg+Swi/4yeBNCSLD9HKpI94SdhikMgNMSz7:gYqKFZgcizPY9F94uc
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral5 behavioral6
- Target
  
  sqtrayPro/traceqq.dll
- Size
  
  269KB
- MD5
  
  7795836d9e2763eb2f3dd1d1e2d50456
- SHA1
  
  9b54323edb26c8d2bdcb283f0208d725613baa8d
- SHA256
  
  5c0043901abe77c4e7c1cd7999d2be24097e54097423efc28998fe58abdf648c
- SHA512
  
  e9f353dda4a97e9c110d80729cf190c56cc7f6995349a0ae859e6dd33662658fdc6c9a7aea89067608f615277dcdeacfee1239ead2b37ac52ec903fcd224ecd5
- SSDEEP
  
  6144:CIGNLXCwlc25i9a0+nkr1jBykrOKauJ98uQWiA+Pe3:NGde25i9HTr1jDOKauJuZg4K
Score

3^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

bootkitpersistence

behavioral6

behavioral7

behavioral8