cf8a2dfe5f78770f2a3380518fee07d9f0e207da1a0b0d6016266d925fbfc073

Sharing

Copy URL

Twitter E-mail

General

Target

qres-src1097.zip
Size

485KB
Sample

240229-ey9r9sdc46
MD5

cb9ff6876c4f1053a78db21f7bccd1b7
SHA1

f0747eef25d5693a4602aa55042b9b1c5104e984
SHA256

cf8a2dfe5f78770f2a3380518fee07d9f0e207da1a0b0d6016266d925fbfc073
SHA512

14d0f5ee2ede18a9101e82e621e325b19251857bf3b1af412c3273d40222c93a7f2de5dabd0ae6c21541fc36accec720d08fc038f1945308a62ce6e1f6f5522b
SSDEEP

12288:YS7J3NqjodALym2ucNt2qkMzPxO3zvW2dYHx9dbRAs:6jJym2uDAPxO3z+3b6s

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  QResCfg/MakeHelp.bat
- Size
  
  1KB
- MD5
  
  63fa007528941301856b48c87ae07429
- SHA1
  
  8d017c7c964c0a57de5fbf6d3b0b4a0c08df75fc
- SHA256
  
  597b7ca8798e242f357a31972b9cbe977f320b2b17be6d52bfac3c2c227b7657
- SHA512
  
  a57009f53d7dca1288c0960f24e5a61e1bf5a3e60323a75a91f4f9ce713d7bdf651930c238126acd92b92f3c1c3d3f28b824e9164db92afc40ba75cfa9e2b349
Score

1^/10
behavioral1 behavioral2
- Target
  
  QResCfg/hlp/QResHlp.doc
- Size
  
  80KB
- MD5
  
  20a21c1a9fb31f9aa59fe107a4096e3e
- SHA1
  
  ab75b63f17009b7e55a065325c800c24d66cd073
- SHA256
  
  b3644c64c269cce4a161080247e87e893daa224387d5d112a3b308a971dc7b69
- SHA512
  
  3f26f65e9c5bfbe9beb4dadbc04aff61aaf7ee84e957e3fa15ccace1d7fc7a3e9710fb98a25058dea3ec208e00b3631ae27316c1ae35a2466b151d9908dce7a1
- SSDEEP
  
  384:IHRRRR46u/poY0n29kTFqfzq8umjHwvxyKSWds+NRdcyg1fCBzLkHnu661yAoklo:ILuRoY02aErH5KfJdbN0Hup1yGlF7j
Score

4^/10
behavioral3 behavioral4
- Target
  
  QResCfg/hlp/QResHlp.rtf
- Size
  
  83KB
- MD5
  
  422a1ed91a0fca49dfae29933dba30c6
- SHA1
  
  d58c9ee1a1b735ab37818157ded57e437ea713b6
- SHA256
  
  92c96a408b84ae12494125e4df0856465351638cd8d548b9775ea3dedc3663c2
- SHA512
  
  b44054ba5e32ffed0d436b895334b1928b327b091a02e1cd4d5af2f79857c454b369d13538b3d588f6ee41eef171a1f46e7bb6133d23f3214e0cfdff78aade09
- SSDEEP
  
  1536:A3rFk9yAgxLVLU0/iT0/i4/lF0/iN0/ibftu876yn5rjrrrWPmd:AwCftu876ynoPmd
Score

4^/10
behavioral5 behavioral6
- Target
  
  qrescd/sample-cd/myprogram.exe
- Size
  
  49KB
- MD5
  
  cf8c98e8b3979f15df77a7de2e51bcc1
- SHA1
  
  92c2e63af884274cc3354978c1cc69a51377d31a
- SHA256
  
  d765da6b0ad1a3f1a4b0a0beadc854b9b12d76ccf73d3855e7a5409bb6b42916
- SHA512
  
  91285353747482a3f7104e85a69276ad6be40c617b90238562b3faed264000d109742689f595416779682c3faa28eefd88e0dd3c7aa4424944a731f5796aff7c
- SSDEEP
  
  768:g0jToP6F2jo6B8HtbCKbsd42oF0auBK8A5hHeyP:yP6Fen8HtbClPoX3eyP
Score

1^/10
behavioral7 behavioral8
- Target
  
  qrescd/sample-cd/qres/qres.exe
- Size
  
  36KB
- MD5
  
  d4e8b99ea85f0e1a0b43f6755d0a1609
- SHA1
  
  b8cd955a78547a3a60a1feb3a71e809ece6e0198
- SHA256
  
  d9bb2bfa4a3f1fada6514e1ae7741439c3b85530f519bbabc03b4557b5879138
- SHA512
  
  73e050ad00c7b0a505629fba6ceee505799342376c0eb606b1b93b405f8e7f2d930391141dae9f818d58032e5e1e70490acbe08501eaebc6150f02e119af4455
- SSDEEP
  
  768:F3xxO4iip+GrtP7KupfGGUhqoi9fSUK1zW:F3xxO4hP7H9joQfbK1zW
Score

1^/10
behavioral10 behavioral9
- Target
  
  qrescd/sample-cd/qres/qres32.dll
- Size
  
  44KB
- MD5
  
  50e8c1d9d24795099e711e507f7fb88a
- SHA1
  
  9df3217cc6df0fd21f29947d49d85cf19b28af6a
- SHA256
  
  f6d846ad6e6b2b308d0579aea6ebb6b151b42a77c821e973664e6db7a1073fa1
- SHA512
  
  70af1705244cdaffc51038e5e08fc5cfdae6cbb3968caaf99e78f6655f748ea779f6f349881cbfc41a090adc6854f09df1b1393e9ca43305ab9ae4b12396324f
- SSDEEP
  
  768:k9hxps1SHCTTxSijDA0qEJU2nGSF1NZj1nop7UK1bPBJ:ExW1SiTTx8fST7NopAK1bPB
Score

1^/10
behavioral11 behavioral12
- Target
  
  qrescd/sample-cd/qres/qresprop.dll
- Size
  
  60KB
- MD5
  
  e62c871b8c1a7fcdb76a01519bae2921
- SHA1
  
  3f757913a0583e0f1e225554c2e4932dc30ef4ae
- SHA256
  
  c8e64c7673493c9e806edad70d3e73436d4010cdd51f4c37c1cdc7e18bc551c6
- SHA512
  
  a4b0b2cd3d4b5193193e22eab74e786d092296b6c5124154ce8f919b19410542ab5e57d99f8ef94211cbb481d5476258dd0863baf737d5071c3810910e57f541
- SSDEEP
  
  768:YQHWjswO4FAK2yhCnuR/Vmz1z5dNXTU9G5fCvl9cl4RpVlLbtoujAoUfn:f2swO4FArpnvBtXTUsdMjcaDDto+Abf
Score

1^/10
behavioral13 behavioral14
- Target
  
  qrescd/sample-cd/qres/quickres.exe
- Size
  
  18KB
- MD5
  
  8f50551721e349fe8640637eb9eb9e17
- SHA1
  
  7dc88d256e5769560d4b8644e2d017b6996dc28a
- SHA256
  
  f3301752358067ed96cb1f0814a34841641003677edd4d9ea33fdf999f5ea616
- SHA512
  
  a9417de09770fb430ce32281d0d90809d13b3d93e264af69b9338548aac3c7e5c38e483c6d917295d9c7be6dbda2d38b12e16810a088a03def7e51d52503a098
- SSDEEP
  
  384:rgFsMla1DizOrSdiS0bghWM1BdzMWUG82Wr:rgdlmizOrS0FgDwV2
Score

1^/10
behavioral15 behavioral16
- Target
  
  qrescd/sample-cd/qrescd.exe
- Size
  
  36KB
- MD5
  
  2ad8934a6ef9a8f8af42c0852e46437f
- SHA1
  
  e008755089d508c8b1a6483d1419c6d1d0f3f98f
- SHA256
  
  1f845d9e1d5b69bd34e4e65d9956a3189caf8c2a5c3da2bb6fcbc9da8a8282b2
- SHA512
  
  99d5ba9ebb69bd66a35339cf83d15255110c6d013e608af4bedeecba20caf9a3ef532afb53f381753f106653c9558dfef32cb55ffa5e44ef888f532f719df181
- SSDEEP
  
  384:niDTx8fqEQyiTPalShCoL7y3w7npahmlD+NiOJDA3yECopXK6Q:nsTx8f2XPalFoLV7npaHJDAC1opX9
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

T1546

Change Default File Association

T1546.001

Privilege Escalation

Event Triggered Execution

T1546

Change Default File Association

T1546.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18