General
Target: Qik.msi
Size: 1.1MB
Sample: 231206-1smansfghq
MD5: b60d637cf678d40c3fa4c21651022f20
SHA1: 6110eec0e122e3ac04aafdf2a5ad771c21aa96b8
SHA256: a63ed57ec78355dbb8bef93def3263b45d6dd96e5ce6bb727f285e8f1d9a6b26
SHA512: be0be0c970dd04f84e2f5afbe3d04d2bda3602c87bbbb09016465b1fca531b2aa529f66d50ebb31b745b0362cda0431c36111b63f274d3a863aed13d45edc144
SSDEEP: 24576:W5enUeiNpNj32PsQ67IzRNYZcE++dQoDvgW/MI2crW6m:Imi3NjGbMmhUtDD/MdcrW6m
Static task: static1
Behavioral task: behavioral1
Sample: Qik.msi
Resource: win7-20231201-en
Behavioral task: behavioral2
Sample: Qik.msi
Resource: win10v2004-20231127-en
Malware Config
Targets
Target: Qik.msi
Score: 8/10

Dave packer
Detects executable using a packer named 'Dave' by the community, based on a string at the end.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Blocklisted process makes network request

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Suspicious use of SetThreadContext