dca4af7c9865626137209e77c34643777c93f59b73669a6cd888b46c0bd4a6a3

Analysis

max time kernel
147s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
29/02/2024, 01:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

QQQCWJL.exe
Size

1.9MB
MD5

ee135ee0dadbd7d264fc83e826a96eb0
SHA1

a811a2821afdaea2831b386e19bca62aac9d6207
SHA256

13f13241fe1a0546e09260cc5d13c4790b22bd0b9953f86d7c59c68f3fc4f859
SHA512

2fce041f981b8d67956ea0be74a02c8c9517ddcee79fa6ecf0d11d8896abc60a12ddf8ea03ae3008b0ddc66f9d4341ce6629de9b163dc0dd83d316e974d4b29b
SSDEEP

49152:q/74q/Fmz72Q1Vs47K2OJVmVeeA2ZIqnCZkR:rKFmzyQQe+D28

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4544	QQQCWJL.exe
4544	QQQCWJL.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4544	QQQCWJL.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
4544	QQQCWJL.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
4544	QQQCWJL.exe
4544	QQQCWJL.exe
4544	QQQCWJL.exe
4544	QQQCWJL.exe
4544	QQQCWJL.exe
4544	QQQCWJL.exe

C:\Users\Admin\AppData\Local\Temp\QQQCWJL.exe
"C:\Users\Admin\AppData\Local\Temp\QQQCWJL.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:4544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4544-0-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-2-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-4-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-6-0x0000000002570000-0x0000000002571000-memory.dmp

Filesize
4KB

Download
memory/4544-8-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-13-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-15-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-11-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-17-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-19-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-21-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-23-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-25-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-27-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-30-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-32-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-34-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-37-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-39-0x0000000002570000-0x0000000002571000-memory.dmp

Filesize
4KB

Download
memory/4544-41-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-43-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-46-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-49-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-51-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-53-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-55-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/4544-56-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download