General

  • Target

    Qcma_setup-0.4.1.exe

  • Size

    60.5MB

  • Sample

    240222-nyaslsha85

  • MD5

    7f924f1a8dc878abf31b1638fdad40b7

  • SHA1

    4d69403b0d3d9a53d87a879bb247533bf408bf67

  • SHA256

    5a4be9e92cf84b6fdedef3623c4fc76a9a239e98f88c0c4368bbb72caafdda03

  • SHA512

    a5d66c2d340455cbe329726ab69153a816925608ec7ba5f67b816e8d0530f3df2cbe067edb3672d24630a2a94dda9d68e2a94421c39acf5079cd511c9cb8cb4f

  • SSDEEP

    1572864:7VJTNxo+L/7xl6DgRPMg31jBP7qwv0hfe6i7IbnKs8I0:/TNFNYMj1jhqwife6kIml

Score
8/10

Malware Config

Targets

    • Target

      Qcma_setup-0.4.1.exe

    • Size

      60.5MB

    • MD5

      7f924f1a8dc878abf31b1638fdad40b7

    • SHA1

      4d69403b0d3d9a53d87a879bb247533bf408bf67

    • SHA256

      5a4be9e92cf84b6fdedef3623c4fc76a9a239e98f88c0c4368bbb72caafdda03

    • SHA512

      a5d66c2d340455cbe329726ab69153a816925608ec7ba5f67b816e8d0530f3df2cbe067edb3672d24630a2a94dda9d68e2a94421c39acf5079cd511c9cb8cb4f

    • SSDEEP

      1572864:7VJTNxo+L/7xl6DgRPMg31jBP7qwv0hfe6i7IbnKs8I0:/TNFNYMj1jhqwife6kIml

    Score
    8/10
    • Manipulates Digital Signatures

      Attackers can modify the Authenticode and Cryptography registry keys so that Windows treats their binary as validly signed. The signature fires on writes to those keys; confirm which values the installer actually changed before treating the hit as malicious.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      2e35876a2b9842d48eed3817809a78eb

    • SHA1

      3e1a36b9758d9e0dabeba65895f4a091f801583e

    • SHA256

      c36d864cd5464add57008985fa901ef4ba32d9831465732b1aa06078a42608d2

    • SHA512

      1776cb43ea9773bf564876e7ba23b05b37b88457f7085622f5d57ebda9886352da5eefba4ab7d44ae16a8a0a0007e1b9fe8b4d22ef0c402e127467070dae0eb9

    • SSDEEP

      192:g4n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjHK72dwF7dBOne:Zn3T5KdHCMRD/R1cOnrjH+BO

    Score
    3/10
    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      7KB

    • MD5

      abba50aeb1da3cd1ad1e79a89701b02e

    • SHA1

      bff5bcc8cb0667934b6c743b3f64f6a594f06826

    • SHA256

      7a4268edf9d327766f22d4126f8dd070db611836f5336af1a864a1f8cfa7939b

    • SHA512

      b730cd5fdca693331e8789318aa5536950bfbd691ec4047eca8dce9f8a4b0f960210261a44fb502839c20f02a20c1027aca23c7e32b84f79c2cca3ba5a3ab13c

    • SSDEEP

      96:UgiqVPb3X8K8Kdr3gEq6nNdMk6Qiw290+q6LDtJ1t33hhEl7y:UgiqVPgK8K9eIdE9B/tnhg7

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      375e8a08471dc6f85f3828488b1147b3

    • SHA1

      1941484ac710fc301a7d31d6f1345e32a21546af

    • SHA256

      4c86b238e64ecfaabe322a70fd78db229a663ccc209920f3385596a6e3205f78

    • SHA512

      5ba29db13723ddf27b265a4548606274b850d076ae1f050c64044f8ccd020585ad766c85c3e20003a22f356875f76fb3679c89547b0962580d8e5a42b082b9a8

    • SSDEEP

      192:MPtkumJX7zB22kGwfy0mtVgkCPOs91un:9702k5qpds9Qn

    Score
    3/10
    • Target

      Qt5Core.dll

    • Size

      4.1MB

    • MD5

      17acd61293353f77fc6ffd1b8fd76e79

    • SHA1

      6a83ce51e78d2ba8b50d05a4d50e6f4a35638346

    • SHA256

      44a33de3ab15d103ad0e5155c81e9b9369c340d14643d70413a6a477d0804a48

    • SHA512

      9b1966c52a9222e98e0aef9edf0fb6836863116f38e5aed9ad9c5493431283424e2107c3a23b479d5d982af9d59b2dfe215024691439cbbb67217d13006b5e2c

    • SSDEEP

      49152:3wKv8HVmxzDy5PvbBkSZBDM/fDQUFYuSjKXwqMG4HJJsv6tWKFdu9CbnWCLZgZ3U:hubC9hyJJsv6tWKFdu9Ceo

    Score
    1/10
    • Target

      Qt5Gui.dll

    • Size

      4.3MB

    • MD5

      dc0d89f794f803db1df2329fed375e15

    • SHA1

      293520356fcb75931d57dd35490fb4be45011c1e

    • SHA256

      e7eea51c6ba1cb7fd07dd0b5e9df79d182ed58ad8f463c9278dfe2cd84de7655

    • SHA512

      7b9b7b30cccd925b452d9cb46937cd7fd3c185ac4dcb57b204ea150a2d9717a30c286d26ccc32000097c226be7dae62fd84e5c4d758fa47554fd5331b5c12872

    • SSDEEP

      49152:r/226ZqRloIGQ/LvH/CJzQuScg75pqOWWl/Nx2GKqqDkNOXbzesiM0NbFp/ur2nz:gVQ/jGzQpIOWsH2QDM09FUTkwXP

    Score
    1/10
    • Target

      Qt5Network.dll

    • Size

      1.4MB

    • MD5

      6e7757efc23e3d14d269e3d5e95d7c0a

    • SHA1

      356b80579196a118440f7fc2513f35d1b0ee491c

    • SHA256

      e69b1c073908c9a98d6bea73062071d91189ce4758674ec4c3001a45375d04a3

    • SHA512

      1739ad53dafeb22a6a7b88f898c4d139debe8025dc4a33a2ce27449dad337a7f73e690ac2285648b31991188c99e739aa621f317a9e80e5606f62c6735719096

    • SSDEEP

      24576:oAivXyDWLhjXPXdQgyLUO8OZ/WvJWVuXqpZ2JatqoLKd:9ivXyDWR/5yLUO8wsJW8apZ2JatqH

    Score
    1/10
    • Target

      Qt5Sql.dll

    • Size

      251KB

    • MD5

      2fd936360fd1d34332bcb97bbfe25838

    • SHA1

      63f6ba350a5dd0256d36f55c8d7c83f882e7526c

    • SHA256

      539710d81f8658477971bdf3075f3b400b571c39d38f2cef06b939d7625d045a

    • SHA512

      dc0ffe3c68ecfeb137b4bd60b5ee25c8ef6edb1cd0369ae5f680a179c7a5ed164bc045dcb4757d84546ffc650a7831cb6f28aca0331296d914fe126198fd2a5f

    • SSDEEP

      3072:xqKZIHQlOtFJBC1e9RI0OM1O1+TchiFW1sooSYQ1zV4XdJPGJ:cKZKeOtFJee9RI0Zp41soHYczSXdJG

    Score
    1/10
    • Target

      Qt5Widgets.dll

    • Size

      5.5MB

    • MD5

      2260fbc42621d4d09a7eefdf304d7561

    • SHA1

      5c21d0a5367a27fbf23f425bc34a5d09306f377a

    • SHA256

      f69b6e4bb40d91e5d02a326f12ebafa98ba3b4f9d282cc9094df301fa84b75b4

    • SHA512

      a869d0b444473a8d97c81333f85d0f2d0dc6825bd9664edae27793de411848e6fe3e43b69cd159b3a3079f339315bb7d069bbe880cffe3ed796181fe2f5e45b0

    • SSDEEP

      49152:UHuT9AZk8H1whR8y0lh7N4tXOL4iRSdtLdhaK3VD4mOzQG/9MJHasu2NV3PExrLX:uaGk8H2Pv8riHKYjKOI0+/

    Score
    1/10
    • Target

      avcodec-57.dll

    • Size

      27.3MB

    • MD5

      28c3d3035ff3b9216a77016cf23205dc

    • SHA1

      19683f75253daba16c626f43ee43372b8d7bcdf3

    • SHA256

      bd5f83ab365e1c9b26742fb2d523bb174acf547f9a1ae73f8a6cc5cf2fc97b9f

    • SHA512

      87b4b8e642785942db51593a9a162f641e672542da999796e1763f3f41aae5f8195577b5e20c993c6425449512edad71222dd42e9a31b6130d93c70b3e2aaf70

    • SSDEEP

      196608:eooaALQtm3+f1mZEEtBY1Ep1O9+WX6zNPgEvQ1BC8aJpPuCnVLYL:xDMX/BA9+y6zQBC8aJpzJ

    Score
    1/10
    • Target

      avformat-57.dll

    • Size

      5.1MB

    • MD5

      036bf355837a9ccba8c2cba97161813f

    • SHA1

      0af4ffe90897aa9f1fed1755275a2fc6c9459ca4

    • SHA256

      0724e9a7e087476c5cd16586fc71f8051b53a3b4e4336869aacbe9060df30864

    • SHA512

      4e4e2d3ba31048d52d4191167274ec0c868ef486aebb0ce85e1b016e5701d0c13e7e179d0e02f760bbf98f8d73da2497167bb070449d07f832ebdca8aaadc5ee

    • SSDEEP

      98304:qmzPl6Lt1LJONf9ysXmhbzhzOThS23nfEI42A079iFaHH92m93cVMp6LZpdWDdk0:NgSvsMXM

    Score
    1/10
    • Target

      avutil-55.dll

    • Size

      531KB

    • MD5

      629e49fb643ba264a2211c716a985463

    • SHA1

      31f5e82b04042514026dd3fdee5658733530c34e

    • SHA256

      25c3d4dcfeed081dc8622f6822864b48ee52d8cec606da654dfc14ad569fb289

    • SHA512

      9b486b3e39f86654e8688a13e114613ca5d2c1c0c1d04f2d765c082a444140f6afbe5beeb1f91c28a5b721eb2a4900580e893e16fd74c04c2d589a831bdf3a6a

    • SSDEEP

      12288:qZOuBU1008QCldwgnXulR9wtc8sR/mUiKCC:7uBK0vdwg+CtczIC

    Score
    1/10
    • Target

      imageformats/qgif.dll

    • Size

      35KB

    • MD5

      71c4a09f22c0e45da1543d22c17db0e6

    • SHA1

      e43537b44948831fb5e504859ddc162491e9e0a9

    • SHA256

      a26a208a54a332ad2e531429c3d3335d75a1a7550ac9c2f94dfb4a6e72c6ba8d

    • SHA512

      82b231d2c9b38506d5f00eaa05d1d11b2f5bf117cbd88196c2b42c531cfd3e9bf6ef705588b433465b05a258af156bc63f9a87e6b5d34a1415f9faf4ce25e078

    • SSDEEP

      768:oXVgDR44RV2m0W6deIGLVgJq8NEf6I4444444444444N4ZDGEld:yVgDR4zLy9SlNElGE/

    Score
    1/10
    • Target

      imageformats/qjpeg.dll

    • Size

      56KB

    • MD5

      749c5deaf09dcb1c2db49e511aa6ae73

    • SHA1

      6aca0cea521e5c423504d6271a0d80891d60c9e8

    • SHA256

      19f7ab54cdb56295df4d6eb4c3cae6e486e8b17ef7f8281778ae0ec125cfecb3

    • SHA512

      40551945a5e9404d84a7c1aab9c3f1873a6d05c8674cf7052a440f2132c6bdbd7fe5f96b757f387f4981cd15681aff81d1d0feb32d572a3f8d6ece154fcf59b9

    • SSDEEP

      768:/L23PTKFSXbthLtJa2zDHtbqqMUVn6OUtM4TlK6LZI4444444444444N4tdrswmG:SrZttb5RPGXarsh/gG0NT

    Score
    1/10
    • Target

      imageformats/qtiff.dll

    • Size

      37KB

    • MD5

      2f3b9f499eb60be3df4d5fd54094421d

    • SHA1

      74e896d31ac9e02c66286f885032e04a87155820

    • SHA256

      8241fe0c0cebb02a8c77e24eadff275b3e52169fd30272a8d7243e5b74707d65

    • SHA512

      29b5c05be8e8a9939622a39815b895ed9ed13339ad6862cc898a7b479e0a3cba2ffe691348ffab088d582be9f9494ca631f66ed5dce767a352148b4ac5b3d053

    • SSDEEP

      768:/coJlaa70yLm84VwUz30OnaD9diBJxRzs14444444444444N4zURMk3AGLn4EWd+:/dma708vOnm9ARv2GLn4B+

    Score
    1/10
    • Target

      libbz2-1.dll

    • Size

      72KB

    • MD5

      48d3f1f67f43425584f04e1a082b3b7d

    • SHA1

      246b8a0b9f8823ff9b801e083c060a090df8c784

    • SHA256

      cb5df7c5577839996278a88b92b1e944feebb846e9eaa8c0742183d668c161de

    • SHA512

      4b1775f4d6fa10dc33b728fde3a3053e360617ddc67b0629a85a6e49b8704608a95da1faa3def7961f5f17a4e75a079cd836ff2c1afbf8f554c5fadc75633425

    • SSDEEP

      768:cxFBplHJfeJuf0hk9b8B6rei9+ko5mLV2LOGN23Ag3Qb/A023x:YjlNe8f0G9ogrei1M18DwMx

    Score
    1/10
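The per-target inventory above is the raw material for a blocklist or a hunt, and hashes copied out of a report page are easy to truncate or mangle. The following script, an added example rather than tooling from the sandbox or from the Qcma project, parses this page's bullet format into one record per target (hash fields, score, signature list with any description line) and checks each digest for the length and alphabet its algorithm requires and each SSDEEP for the blocksize:chunk:double_chunk shape. SAMPLE_REPORT is an excerpt of the report above, cut to two targets with the blank spacer lines removed so the script runs offline; all values in it are the page's own.

```python
"""Turn the report's per-target bullet list into IOC records and sanity-check
the digests before they go into a blocklist or a hunt.

Added example, not tooling from the sandbox or from Qcma. SAMPLE_REPORT is an
excerpt of the report above (the values are the page's own), cut down to two
targets and with the blank spacer lines removed so the script runs offline.
"""
import json
import re

BULLET = "• "
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
VALUE_FIELDS = set(HEX_LEN) | {"Target", "Size", "Sample", "SSDEEP"}

SAMPLE_REPORT = """
    • Target
      Qcma_setup-0.4.1.exe
    • Size
      60.5MB
    • MD5
      7f924f1a8dc878abf31b1638fdad40b7
    • SHA1
      4d69403b0d3d9a53d87a879bb247533bf408bf67
    • SHA256
      5a4be9e92cf84b6fdedef3623c4fc76a9a239e98f88c0c4368bbb72caafdda03
    • SSDEEP
      1572864:7VJTNxo+L/7xl6DgRPMg31jBP7qwv0hfe6i7IbnKs8I0:/TNFNYMj1jhqwife6kIml
    Score
    8/10
    • Executes dropped EXE
    • Checks installed software on the system
      Looks up Uninstall key entries in the registry to enumerate software on the system.
    • Drops file in System32 directory
    • Target
      $PLUGINSDIR/System.dll
    • Size
      11KB
    • MD5
      375e8a08471dc6f85f3828488b1147b3
    Score
    3/10
"""


def parse_targets(text):
    """One dict per "• Target" block: hash fields, Score, and a signatures list."""
    records, current, pending, last_sig = [], None, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(BULLET):
            name = line[len(BULLET):]
            last_sig = None
            if name == "Target":
                current = {"signatures": []}
                records.append(current)
            if name in VALUE_FIELDS:
                pending = name                      # value is on the next line
            elif current is not None:
                last_sig = {"name": name, "description": ""}
                current["signatures"].append(last_sig)
        elif line == "Score":
            pending, last_sig = "Score", None
        elif pending and current is not None:
            current[pending] = line
            pending = None
        elif last_sig is not None:
            last_sig["description"] = line          # free text under a signature bullet
            last_sig = None
    return records


def validate(record):
    """Flag digests that cannot be what they claim to be (truncated, mis-copied)."""
    problems = []
    for algo, length in HEX_LEN.items():
        value = record.get(algo)
        if value is not None and not re.fullmatch(r"[0-9a-f]{%d}" % length, value):
            problems.append(f"{algo}: expected {length} lowercase hex characters")
    ssdeep = record.get("SSDEEP")
    if ssdeep is not None:
        parts = ssdeep.split(":")
        # ssdeep block sizes are always 3 * 2**n, and a hash has exactly three fields
        block = int(parts[0]) // 3 if parts[0].isdigit() and int(parts[0]) % 3 == 0 else 0
        if len(parts) != 3 or block == 0 or block & (block - 1):
            problems.append("SSDEEP: malformed, expected blocksize:chunk:double_chunk")
    return problems


if __name__ == "__main__":
    for rec in parse_targets(SAMPLE_REPORT):
        rec["problems"] = validate(rec)
        print(json.dumps(rec, indent=2))
```

Feed the full page text to `parse_targets` instead of the excerpt to get all sixteen targets; the first record is the installer itself and the rest are the files it drops, which is the split you want when deciding which hashes are worth blocking (the Qt and ffmpeg DLLs are redistributables shipped by many programs).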
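The "Manipulates Digital Signatures" verdict on the installer is the one finding here that would matter if real, and the report does not say which keys were written. The script below is an added example, not code from the sandbox, the report or the Qcma project: it audits the registry values that decide which DLL verifies an Authenticode signature and reports anything that no longer points at wintrust.dll. The key paths and default values are an assumption on my part, taken from public research on Subject Interface Package (SIP) and WinVerifyTrust provider hijacking rather than from this page; they are the values such a signature most plausibly watches. On Windows it reads the live registry; elsewhere it runs against two constructed snapshots, one clean and one with made-up hijack paths.

```python
"""Audit the Authenticode trust-provider and SIP registry values for hijacking.

Added example; not code from the sandbox, the report, or the Qcma project. The
report only says the sample touched "Authenticode & Cryptography" registry
keys without naming them, so the key paths and default values below are an
assumption: they are the well-known Subject Interface Package (SIP) and
WinVerifyTrust FinalPolicy keys described in public Authenticode-subversion
research, which is what such a signature is most likely reacting to.
"""
import sys

PE_SIP_GUID = "{C689AAB8-8E78-11D0-8C47-00C04FC295EE}"      # SIP for PE files
VERIFY_V2_GUID = "{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}"   # WINTRUST_ACTION_GENERIC_VERIFY_V2
OID_BASE = r"SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0"
TRUST_BASE = r"SOFTWARE\Microsoft\Cryptography\Providers\Trust"


def _key(*parts):
    return "\\".join(parts)


# Key path under HKLM -> {value name: default data on a clean system}.
EXPECTED = {
    _key(OID_BASE, "CryptSIPDllVerifyIndirectData", PE_SIP_GUID): {
        "Dll": r"C:\Windows\System32\WINTRUST.DLL",
        "FuncName": "CryptSIPVerifyIndirectData",
    },
    _key(OID_BASE, "CryptSIPDllGetSignedDataMsg", PE_SIP_GUID): {
        "Dll": r"C:\Windows\System32\WINTRUST.DLL",
        "FuncName": "CryptSIPGetSignedDataMsg",
    },
    _key(TRUST_BASE, "FinalPolicy", VERIFY_V2_GUID): {
        "$DLL": "WINTRUST.DLL",
        "$Function": "SoftpubAuthenticode",
    },
}


def _dll_name(path):
    """Compare DLLs by file name: the defaults are stored with and without a directory."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def audit_trust_keys(registry):
    """Return findings for a snapshot shaped like EXPECTED ({key: {name: data}}).

    Any DLL other than wintrust.dll, or any changed function name, means
    signature verification has been redirected into attacker-controlled code.
    """
    findings = []
    for key, defaults in EXPECTED.items():
        values = registry.get(key)
        if values is None:
            findings.append(f"MISSING {key}")
            continue
        for name, want in defaults.items():
            got = values.get(name)
            is_dll = name.lower() in ("dll", "$dll")
            if got is None:
                findings.append(f"MISSING {key}!{name}")
            elif is_dll and _dll_name(got) != _dll_name(want):
                findings.append(f"HIJACKED {key}!{name} = {got}")
            elif not is_dll and got.lower() != want.lower():
                findings.append(f"HIJACKED {key}!{name} = {got}")
    return findings


def read_live_registry():
    """Snapshot the audited keys from HKLM. Windows only (needs winreg)."""
    import winreg
    snapshot = {}
    for key in EXPECTED:
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key) as handle:
                values, index = {}, 0
                while True:
                    try:
                        name, data, _ = winreg.EnumValue(handle, index)
                    except OSError:
                        break                # no more values under this key
                    values[name] = str(data)
                    index += 1
        except OSError:
            continue                         # key absent: reported as MISSING by the audit
        snapshot[key] = values
    return snapshot


# Constructed snapshots for offline use: a clean system, and one where the PE
# SIP and the final trust policy point at attacker DLLs (these paths are made up).
CLEAN_SNAPSHOT = {key: dict(values) for key, values in EXPECTED.items()}
HIJACKED_SNAPSHOT = {key: dict(values) for key, values in EXPECTED.items()}
HIJACKED_SNAPSHOT[_key(OID_BASE, "CryptSIPDllVerifyIndirectData", PE_SIP_GUID)] = {
    "Dll": r"C:\ProgramData\sip_hook.dll", "FuncName": "AlwaysValid"}
HIJACKED_SNAPSHOT[_key(TRUST_BASE, "FinalPolicy", VERIFY_V2_GUID)]["$DLL"] = r"C:\Windows\Temp\policy.dll"

if __name__ == "__main__":
    snapshot = read_live_registry() if sys.platform == "win32" else HIJACKED_SNAPSHOT
    for finding in audit_trust_keys(snapshot) or ["OK: trust keys at defaults"]:
        print(finding)
```

Run it on the sandbox VM after the installer has finished, or on a suspect host, with administrator rights so the HKLM keys are readable. A legitimate NSIS installer has no business rewriting these values, so a single HIJACKED line is conclusive; on a 64-bit system also audit the same paths under SOFTWARE\WOW6432Node, which the constant table above does not cover.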

MITRE ATT&CK Enterprise v15

Tasks