Resubmissions
11-12-2023 15:37  231211-s2e9qacbe4  7
10-12-2023 15:29  231210-sw5x7aged8  10
09-12-2023 15:39  231209-s3lswshbfl  10
08-12-2023 04:20  231208-ex7lhsha83  10
07-12-2023 15:32  231207-syzh7acg62  10
01-12-2023 15:49  231201-s9kt6sdb45  10
01-12-2023 04:15  231201-evbq3aeh46  10
26-11-2023 06:57  231126-hrbtfafc68  10
19-11-2023 02:41  231119-c6sgvage73  10
General
Target: hiqa.exe
Size: 14.3MB
Sample: 231207-syzh7acg62
MD5: eafd16a8eb7e6489286d094d9a6edfcf
SHA1: 860a03fd13ca678e498b63c81bf7ef4d7cf34fa5
SHA256: 68ea7711782bceb7a79e2c9e8f6245c7d9f9f997d3b8a7e16fc38b2c2c1f2043
SHA512: 361ec653a4ba18f006e73ef3438fedb56938bc43d01d2bd4bf6985d3317a0e16eb48a522e86027e4464660e54dd3333a24096d6f961004c4ea7e5978b8032ef1
SSDEEP: 98304:gsGNJipGZNaQrpBKXSSDYAKvs9fqdrSrJLA60BPL8jCcY:/5pGuwKXSSovs9fqdrSrOpBP
Static task: static1
Behavioral task: behavioral1
  Sample: hiqa.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: hiqa.exe
  Resource: win10-20231023-en
Behavioral task: behavioral3
  Sample: hiqa.exe
  Resource: win10v2004-20231201-en
Malware Config
Targets
Target: hiqa.exe
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 1
    Disable or Modify Tools: 1
  Modify Registry: 2
  Subvert Trust Controls: 1
    Install Root Certificate: 1