Overview

overview

7

Static

static

1

Qt6Core.dll

windows10-2004-x64

1

Qt6Core5Compat.dll

windows10-2004-x64

1

Qt6Gui.dll

windows10-2004-x64

1

Qt6Network.dll

windows10-2004-x64

1

Qt6Svg.dll

windows10-2004-x64

1

Qt6Widgets.dll

windows10-2004-x64

1

Qt6Xml.dll

windows10-2004-x64

1

iconengine...on.dll

windows10-2004-x64

1

imageformats/qgif.dll

windows10-2004-x64

1

imageforma...ns.dll

windows10-2004-x64

1

imageformats/qico.dll

windows10-2004-x64

1

imageforma...eg.dll

windows10-2004-x64

1

imageformats/qsvg.dll

windows10-2004-x64

1

imageforma...mp.dll

windows10-2004-x64

1

imageforma...bp.dll

windows10-2004-x64

1

jars/JavaCheck.jar

windows10-2004-x64

7

jars/NewLaunch.jar

windows10-2004-x64

7

manifest.txt

windows10-2004-x64

1

platforms/...2d.dll

windows10-2004-x64

1

platforms/...ws.dll

windows10-2004-x64

1

portable.txt

windows10-2004-x64

1

prismlauncher.exe

windows10-2004-x64

5

prismlaunc...nk.exe

windows10-2004-x64

1

qt.conf

windows10-2004-x64

3

qtlogging.ini

windows10-2004-x64

1

styles/qwi...le.dll

windows10-2004-x64

1

tls/qschan...nd.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PrismLauncher-Windows-MSVC-Portable-7.2.zip

  • Size

    15.9MB

  • Sample

    231026-fbqljsch32

  • MD5

    bdd411ffc5d31b50fc51f5f2ce4bcf50

  • SHA1

    4864ff3fc0ecdb53a1cd7aebcdb5c8248ef80029

  • SHA256

    e05976b4806ed833e92817c976b2ca26bdc4f6081c446eb85c8973623c6c8107

  • SHA512

    bb37f5c5c4b2da99a1ae5d039e5b210ed5a413fc8cb9a105d47aaed3650a8d779401d56929eb21d2f998c3b48f0ecd73839eea227394ad2d3fb8175931238384

  • SSDEEP

    393216:nHkzIHUXswOJ4UycDwGGciAtkXDCwrs4Z9vWq7zy6bX:E808wOJxyMwG1iA0D5DvnT

Score
7/10
discovery

Malware Config

Targets

    • Target

      Qt6Core.dll

    • Size

      5.5MB

    • MD5

      970df5d767e87c18ebed28381b0f4adc

    • SHA1

      7526a65c6de1ef8971076395655aa7a82f18a6e0

    • SHA256

      238b6dad34d40eb3e1c4999ecd224be2ef0fff3cc7b2587d6b4d9dd260effa49

    • SHA512

      01d7942bcc808a924b881cc9e12add558a70166472e446d787bad0881d69b1802dce4a2e9ab7e17bd33129c5b66528756045dfc189332391a4de49f894e235f5

    • SSDEEP

      98304:ZSWJxYVkF4WAXXuKFdu9CwJsv6tS2qy/3hrVO:ZxSVkFmuKFdu9CwJsv6tS2qy/3hrY

    Score
    1/10
    behavioral1

    • Target

      Qt6Core5Compat.dll

    • Size

      815KB

    • MD5

      74555e92dba376e41f11b06bff3443dc

    • SHA1

      93eb09d5d5e1ebe90e9bedca41eac30f182dc0fb

    • SHA256

      0aa34eeaeff8f84c954ddc5b334d91fd51a9f19b1a1f3f18ef292a1fb43e94c3

    • SHA512

      85d7304608c104ca18fda66a6b16388c164fee9b4bef4ed0de2656b081e5ba5ff94851eed5590f7da101897dc3eb2561d5ecbdc86469ceb09a662dc51380cd26

    • SSDEEP

      12288:ZdFrujqAFH1h/biPGE/4717VKItBDPzHkSxGGffzYfMAbNkdEx:xruTHvKG7VdDPT6df9badW

    Score
    1/10
    behavioral2

    • Target

      Qt6Gui.dll

    • Size

      7.4MB

    • MD5

      0ab8efed44e94227d814f456e51f0b57

    • SHA1

      22a55fa81689d7314424083e515f9c8819c9cf17

    • SHA256

      1c7b79a164335b8c43d7267fa8a0ee43a2bdeb957aef167b38bfedda21cff825

    • SHA512

      95cf380fa921f127deb40da22788b1b41c0a47f8a31d7656e02c11ba69d360609527b6b9ff7ec236bec139cea59453634e845058d06adfe9fbce0dd82bd36b23

    • SSDEEP

      98304:0EjW1ymxkr/7CFse/xrozk1x6+wzs0xS/a3:0vynr/uWAxrozk1x6+os0xS/a3

    Score
    1/10
    behavioral3

    • Target

      Qt6Network.dll

    • Size

      1.3MB

    • MD5

      228f4d0df07520aa1fa57640fb6ec5f0

    • SHA1

      13c65c16625fab847d474e1ea9dce1ffdfd98e51

    • SHA256

      298257eb27353c47fcd811e8202f03aa7ea2eef0bcb6f3ee71e8060508b29d49

    • SHA512

      ed1bbb2367e3d76ab9844d4212e8bb884573718781cdb77596a72e4b57b2bb9678b159387930e8adb7a01f4a56c6a0e1ae4d1dcda7d931a2fd21ac5cd1ba5d15

    • SSDEEP

      24576:y5tH4RtervQx3TI2/4AW+gfy1CeWDlVYiPsoZR:QY2vQx3xUK19JiPZ

    Score
    1/10
    behavioral4

    • Target

      Qt6Svg.dll

    • Size

      355KB

    • MD5

      8699b8bada8fec14462321757e89cf9a

    • SHA1

      d5b7e1d0e96d3f73f65221a625e4d5f6033cfcfc

    • SHA256

      70bd4c4cdf70865645e86a0b1dea58eff111a1d588f6654a972a137c000b87e1

    • SHA512

      395e9efbe2e992e15a7a89424b86f394e32c19563a5da2dbc1afd14f1f453cfd72ae76754c475075e7b7f99b4a88a23cf8f2d5330ec211e44c4eee1623b900bd

    • SSDEEP

      6144:+wH000KGSd8GuEw3zv0tgKG2iUt0+rcc+fymV5crvEz:+E000K1buEwDAsXEvEz

    Score
    1/10
    behavioral5

    • Target

      Qt6Widgets.dll

    • Size

      5.8MB

    • MD5

      fe5d94996b8128747762cf0fdcab1f82

    • SHA1

      3cb1bc591d55c4e5f76be53c3993eaab7e67541c

    • SHA256

      05362dfd5ce0ab18988d878240f1daec2c505fb60cfb85636444c1843692e4a3

    • SHA512

      c91be91786e38341ad83eb38ba27e4110d18c24b03f088aced46b32eb3fe9d81bf89c5bec4b8da1b84252fe78d3294dee1230ff79bd9308e979d0b9b219eab53

    • SSDEEP

      98304:boAvLtXKWwH2IexfN6bI25x4s5yC/P9Mw8tNCs1Qs:FDtXKWwWIe1N6bI25L//PGtCsOs

    Score
    1/10
    behavioral6

    • Target

      Qt6Xml.dll

    • Size

      144KB

    • MD5

      3a0b4fce55d035642b015472b0ddc5ab

    • SHA1

      e1e9acf68e116c22c9f991fbfddf0b017ee49a11

    • SHA256

      f907b1354f10b2278f4b8fc87e7f814f5ae0b4204e891a3d107624a19d6e7547

    • SHA512

      dcf50c1d08234420b56b7ed585d6fd4a5f0fa5b3a29d1f21c1480c8d3154a3e5d054eeeaf1c4fdb6879641c885a0dae3c3ee7f4c23026f50bae9b8469706a08d

    • SSDEEP

      3072:PhOHnwd4FmZVml20AtNWggupa95u/Kzn6KWEpA:JIn1AzPRNwu/qjWEpA

    Score
    1/10
    behavioral7

    • Target

      iconengines/qsvgicon.dll

    • Size

      63KB

    • MD5

      bf3ae484446b9dee7102ca01941a2675

    • SHA1

      76fac9993bcd4b5f7dcf7a412f653e48e9f0f0c0

    • SHA256

      7ca34f1b353e5f02b0ed1fc32b689a98c4d36c2dc2a30b561d1079c901c55526

    • SHA512

      ab089da9dc5be237a7bacf2e02f328b1942ca027a315b3ef3661b8a2c2ee866eadad3bbdd656f24c18b0bcd387cc637ff62c7b5eab1afa31d5573cc291a55d37

    • SSDEEP

      1536:PxRzna0CFubjJTUeGhzD8pZjz6TBDwV+qgzuxh6H82cA/gKxngeuEHvpf:aFAJTUeGhfSZjABDwV+Juxh6H8UIKiEx

    Score
    1/10
    behavioral8

    • Target

      imageformats/qgif.dll

    • Size

      47KB

    • MD5

      26574147ca3f4b70e868cd717e69a58f

    • SHA1

      fd3f725c56c4d2baa2d831b077a9ce2f101e2689

    • SHA256

      ce34841b2350a0fcfc9250203c81192ea4babca587375ec9fac2e55267a6fcf3

    • SHA512

      8b75a6afb0ccd50f5a1cbbc16f0a04e170263e7629980e8fc7406dfa6f4e074d33317a4a3c8c6f9e201faf14ebfcbe99a7584a88351d3786b4e2dbf31ca41911

    • SSDEEP

      768:Lb1BgMAbGKdSySwa0r3EDVQPiQbuqZi9iYVQxCozZOgKxnVbGYJlUMN0EHXe:X1tAbSXInPuFiYVQx7FOgKxngeUlEHXe

    Score
    1/10
    behavioral9

    • Target

      imageformats/qicns.dll

    • Size

      54KB

    • MD5

      642f364074eb6c96a7282561688cfb34

    • SHA1

      c3225409478c1bd5baa746360aed5ac7915dddf3

    • SHA256

      26a605b9db40012d2935d1398d90d01a6333c5eb432a5ef2868fc332d57d7717

    • SHA512

      92c05dbab1560a92e5f0c616fa213160e9bf19a79805540ad83921079f124676463b7f1c428f4c929c5ea1c5adbcae057db8db7f855ecc70020e532e637d39f2

    • SSDEEP

      1536:MjqRvB8ohA3VJPX3C+u+7n6/EHbgKxngebEHe:nvBqVJHu+7n6/k0K/E+

    Score
    1/10
    behavioral10

    • Target

      imageformats/qico.dll

    • Size

      46KB

    • MD5

      3db1047b43a8eab09b9789529889341d

    • SHA1

      4604eb1d86c6bb1561d1f2fb75ef61c3f959a1c3

    • SHA256

      7d689613ff4784dd8afd3ee4429027c46432119b25786691d7da67f24b7ebd6d

    • SHA512

      6490788dcc4b8f071d52dbcb12967ea37e4dda930f2fa548621f88e28ae096b084ada0822676a3ba6157b802fe0b40d9185cf3715efe5d78cbcfb830e3f104da

    • SSDEEP

      768:Cth/WA3M4aHKzXM7ZODsLiPZDxPT9gKxnVbGYJlCN0EHF8:sYZ4aqzXQOgLiPZDxPT9gKxngeHEH2

    Score
    1/10
    behavioral11

    • Target

      imageformats/qjpeg.dll

    • Size

      445KB

    • MD5

      ee879fe49a874af52b6abf9076ae8fe9

    • SHA1

      7bc23a9615bdf2ff32e961faae1d0223e40d5fdf

    • SHA256

      3e1d675563585303e4c3276baa3915a88d540af2a22d04fcda43f4645d1c05e6

    • SHA512

      f3e9cbdbf9fef3e9014c5fc3edb6bd8e001b6575b263d43dc8df7281e6104f88a8bf7ad25657183b91368e6fd8a8c6da608b7dbdf3f8fee393c4a1a9ac8722a6

    • SSDEEP

      12288:Am9lKVxoBleOPVrmVtv7kcyULT/PFEa0kPr/hAKosPRlH3Qu8kFpj7w6yqDZXLhD:Am9OxoBl5kp

    Score
    1/10
    behavioral12

    • Target

      imageformats/qsvg.dll

    • Size

      39KB

    • MD5

      5bee238b2ca3eca6ab04aa9a61ce3224

    • SHA1

      097a4273e0ca8d1f29f78e9fbbfdb95a4894a1b1

    • SHA256

      c540dc238325fdc9b183efc6f95639b58df4400dc4074e43e43588e3eb3d2451

    • SHA512

      aaf32a8bded590c711c292fdf6d7382d818460033f730a67376ed475226a0989b0941d54067e44ae4138ba0f4b487b32a7e7311059afdfb7c6e0ca1f2324d4df

    • SSDEEP

      768:eEz05YLHnGW2pB3zGQM0UU77agKxnVbGYJlJ4CN0EHb:EYLHnGWKtGQM0UUHagKxngeJUEHb

    Score
    1/10
    behavioral13

    • Target

      imageformats/qwbmp.dll

    • Size

      36KB

    • MD5

      41be686d706731d6336f2b91e6129850

    • SHA1

      1d5721ecbb9dd8da433854e3822a49acb80c18aa

    • SHA256

      bc66ecdc28aff5d400e924157f640944f3c432061e6f3d8d77bc0379d9232373

    • SHA512

      c49c8c88004983819a2c5a13bbab8dd84874fb75892ec0868fe4cd1294e6e3bc385c5df8268ca0004ec1914a5c648ea911c3b86d808242f6a748231c704374de

    • SSDEEP

      768:nXgcvbCdWX2SGu9OrkK9kgKxnVbGYJlJTN0EHeM:w2bGWX2SGu9Orz9kgKxngeJSEHV

    Score
    1/10
    behavioral14

    • Target

      imageformats/qwebp.dll

    • Size

      518KB

    • MD5

      157ed3a7bf795211035f6bff17addf4d

    • SHA1

      3d5d6640d463be1126ce2709d740001c6da8eccb

    • SHA256

      e1431319c8a48a4eb9ced4a878fe254431b9015840b277f6608712bdb936ad04

    • SHA512

      8a3491bccb94cecd27d2ec25e2d08476c21a446660afe729ead7a036adf61dbebb3902dbea948615a902e0dc23517658f4ec79ef9dfbcbb9c4b70b367fd69c42

    • SSDEEP

      12288:bisrJMxKbfMDLrLrLrLBOPp0Rytw7zZdtOniSPRrA9Eu:esrhbCLrLrLrLBgprtwXZDOPi9b

    Score
    1/10
    behavioral15

    • Target

      jars/JavaCheck.jar

    • Size

      1KB

    • MD5

      50c5d2698945a9195d8153d13197a016

    • SHA1

      c6dac1825ec5abc551e58aab8d99d1781ca5e6f0

    • SHA256

      bfdb45c8d396c96eabaacff05b2d2e5b1515626591343975a814c4043ea74b69

    • SHA512

      84511243b4a469377b871e4f435718e5f1d9d52f66c0059ab32d1da6294bec1f44fcb33a357a7e4b762c96421deb475c9c634666331e9cf91b84ac1f5d4ccfda

    Score
    7/10
    discovery
    behavioral16

    • Target

      jars/NewLaunch.jar

    • Size

      20KB

    • MD5

      58075eca7af5054fd7e00c4e75a8c7bd

    • SHA1

      e0c451aba1db1d035e6cf8b0952774fb3a2ef815

    • SHA256

      7c3e6887754dbd668a500c415c72f197ec52f9c20a2c7dec1895c6fa576e0c09

    • SHA512

      66369d73659618a62756fdd4fa82717aeece0ca98c5bac2ed5640ed4f5c7ead87bff97e41ad0a6243acb25f57270c4d4aeba4b16698109a85bacb4511cc1e973

    • SSDEEP

      384:cUA3krDcqa4BRFe+NVWZvCPKuCWNb7cDK8qlcFqAgDnidLG6bc5iaf:cUA3krIqVe+aOK6kK8qlZzitxbc5Pf

    Score
    7/10
    discovery
    behavioral17

    • Target

      manifest.txt

    • Size

      580B

    • MD5

      df58c4767e4dd3ca42367833170e0d0f

    • SHA1

      bccf2097ebcbd396e0a41ace811468ac7c3202ae

    • SHA256

      39b2e37821db34c1504e738a3dcbb0c3b42b8d6045d90690a9bfdba166e5e8fb

    • SHA512

      b0264c88c7046f287779cf97e1977b69e92895251018207f985767c98e51cced2ed13e1ceb8427c831385f1e72eeb51157ab2ce71884739238c595116b0cc094

    Score
    1/10
    behavioral18

    • Target

      platforms/qdirect2d.dll

    • Size

      894KB

    • MD5

      8ed6d405d97eec66523cfd2587dba3b3

    • SHA1

      6fd030624f16a200ce086f1cb5136d89bef8d5c7

    • SHA256

      dd90600099c735c0f0c1b2eb1077c9bd3d004b9287434cd5ed07c922a6b29507

    • SHA512

      6cf759dc299c79f3a4ee2c82515273876dae49a1310ef736eed5ffd3ae52129b372e81b1eafb74dffc0e010140e1a8f6026ac3ad6ed51ec255163cf82408a290

    • SSDEEP

      24576:tx+KZbnGVD2DsXljk6SJ35eG7zQECeb8a:tXZbnGVD2D0ljc4G7zQE

    Score
    1/10
    behavioral19

    • Target

      platforms/qwindows.dll

    • Size

      823KB

    • MD5

      b282a6b3a3e4ed8c42f4419a9db87e41

    • SHA1

      4a39e285182a5c5c311efe0c04ac8ab5f0e5dfdb

    • SHA256

      5918f2fdbe3be8410d8c255f7174a92e407e299ba8f66616b52f75fe25fda618

    • SHA512

      e1b9cc8108102dff6c98818787f5921e4cf6f4cba26d1b24a443c5c58129be2e9d533d7026125ab19238af05fd7854a8b3399ecda643f48824b51e6ab7b523b5

    • SSDEEP

      12288:lk7dU8LnSVP8LEz2nKn+mKwzzMAAmfMLJa/EEC:lk7dU8LnSVP8LEz2nKn+mjzzMAAOE9

    Score
    1/10
    behavioral20

    • Target

      portable.txt

    • Size

      301B

    • MD5

      93f489f4a1f13d6411c03b82f5935481

    • SHA1

      437d1af7ae9f53cf5656d1909e9aacc6984da411

    • SHA256

      45ca04cb1257c60794bcd17341b5ec8c5a0cb18571f0d2e7fafee951b6bc476e

    • SHA512

      dc9418402f7e0ace34cdbdd232252210e5a6ec6868685b2be883d8f57dc25758804019deec3e5385645c9258c33b8d5a46abff25b174ef257eac6702b4dc8100

    Score
    1/10
    behavioral21

    • Target

      prismlauncher.exe

    • Size

      9.2MB

    • MD5

      f5066a345db1bc9f6a02a270dab8b566

    • SHA1

      7fce44a74c810d4c3a6a53bb02cb2e9bb0c8bcf9

    • SHA256

      2ad71d1a0888a66aa8a045cb6b6d9b4d5a0a48d3fef0411cd322e58a36413812

    • SHA512

      0ad8ea784e5709ed149b51cf9dd1aaf781023ef04daea06f2de122277b6f1600246c79124cef0cf292391c10209c7810406ad0c0fa40ea903e2029076be02a07

    • SSDEEP

      98304:LQywtvH43rOPcNIHDno6TRpuNxvKVVnKuVpLX:LQCn806qxytVpj

    Score
    5/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral22

    • Target

      prismlauncher_filelink.exe

    • Size

      102KB

    • MD5

      4a806cfc9e16c14a331c76fac47ab673

    • SHA1

      6a8b7a917adc868b68dc6dbecfa667cde1155532

    • SHA256

      82cf38da1678a0c3fb928653737ad6398a80bb1259397c4c68034509f5921450

    • SHA512

      fe543db49b6200ecf17cb9003316121dfb765ee0231800ee6174f3bc6aa81bd459a7d0ada1987746c850546a0fd31740f80d18db015cc13e19ac482de875225c

    • SSDEEP

      1536:6yqqEebIQxWWWvxyLyhC7zL578u1XAUUPWM4+qVFNRDpMu7rVwkPx9:ZtEIwW6xyuhCPL5w2XAU+41FNQUVzx9

    Score
    1/10
    behavioral23

    • Target

      qt.conf

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    behavioral24

    • Target

      qtlogging.ini

    • Size

      509B

    • MD5

      58967a7fcc8cd9d2bdb9b0fc24eed94d

    • SHA1

      b09f4ed1fe53850307cf8cb8cd2767524c26335b

    • SHA256

      ba15aee260e7ca1d48016546bab52fe30c3da264356b629739c125cd4eb3c700

    • SHA512

      5d44670d283b8a88892fd8def2fd2f2f9222d5115b25cc4b9e2b04a7c5f004930dc0b5e2d11ae128ab844f826ba079a0f93e17d5428355bdb4d21a04ee58055a

    Score
    1/10
    behavioral25

    • Target

      styles/qwindowsvistastyle.dll

    • Size

      138KB

    • MD5

      a9ea33827f593d4ff121eb27da14017c

    • SHA1

      2b45c65e083b05559ddd27f23d61c359b9b527d4

    • SHA256

      f605cf01582c022a21f0c2faffd13e4f46d596727806793a708eaaa1ec3f7859

    • SHA512

      586f11f2899b1ed8f2257d0e9cc433bcaede5c64c0e702981483b059a12c5899e972bea9fcbfc638e13d9659562b4f3a735b6ff9a0507f141b7405afab8caeac

    • SSDEEP

      3072:vZ337Fu29p1hbS5iPwOj0A6tw1V3CE1gkcA9+wpRP0yoTFZ7pRKtE1K:vZ33D1LPb3rcA9VpRcyoTFZetEg

    Score
    1/10
    behavioral26

    • Target

      tls/qschannelbackend.dll

    • Size

      212KB

    • MD5

      1d553367047781e4cb8375e0d69f92f9

    • SHA1

      d47e17e30f031484874058e3c012ee6483dcce4a

    • SHA256

      943b8a803d0521bb0f38c70e22bfb2a7ad89ba84de2724e670563808f89d4fcb

    • SHA512

      895d21ee6aaa9fa029c4ba459495bfe58709ff80f33d6218f563aecfea2acf3d2e36f86dfad3aec4cbc1747502f747829ae918960cb9b1434d748364c825d41f

    • SSDEEP

      3072:9JU8QId9ZfEGn4BYBYR3MLZP5IBvzhwsOU1DTjx8K4l8U0AZFYMO8/Y3QBxXMwKy:9dTZ9CR3CZPkhYeKd3YQBxI+Ei

    Score
    1/10
    behavioral27

MITRE ATT&CK Enterprise v15

Tasks