1e88af7a351ca27eaa87253d1537b8a4d2ead0e03f9d33f2f4edcf00c00e0cb6

Sharing

Copy URL

Twitter E-mail

General

Target

c11525ae7776cbc8be18d014e5d54107
Size

4.4MB
Sample

240311-t5zcfabe84
MD5

c11525ae7776cbc8be18d014e5d54107
SHA1

a0b399135a4df1acf0dd8605124676621d26b5ba
SHA256

1e88af7a351ca27eaa87253d1537b8a4d2ead0e03f9d33f2f4edcf00c00e0cb6
SHA512

638ea8d7ab09072494042bc0a40fbd2ad38959784734718700d2f4c438677a7986f86227fabe8480f3f63f3347b184f6f822757cff92d4b8551dc416ebc861a7
SSDEEP

98304:77LNwGjHgEGBuaZEqERxdVpr7H4TR7EHO+tn9gRY5eQSSz:uag9VERHVlbaWv9V

Score

7^/10

Malware Config

Targets

- Target
  
  QQLive3.5.exe
- Size
  
  4.4MB
- MD5
  
  8a787da56b8c0b2cc835c0991c521e04
- SHA1
  
  4747caa4442d7482a8b11421f4625f23d0b5ae00
- SHA256
  
  2f41164e2eff2be909b0b6fa89a265858729e29b19510d0bed368e9571e530d1
- SHA512
  
  75b9d3e416ed8c85c35abcced80094e60a10725f0e7a820770aaa5de8e2a0aea9f069a9665e2562fd5617338936c81dd831e365028342cf6e16f9936e97c9d5e
- SSDEEP
  
  98304:4XOCmBmRyV0z3BKunzPTK8acH34NbPM+41znN2WXleaP:aRwV0j0uzPTpacHOjMJBVXYaP
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/CmdLine.dll
- Size
  
  4KB
- MD5
  
  edf61ca7c9289936047cd0f378e961a5
- SHA1
  
  6519f848d76662d1e3c4c9792947c07e5c5165b9
- SHA256
  
  af9ac758fad5ae60c9088af32f139957b53773e834bf8e1dc8e723679e5769bf
- SHA512
  
  2ddba165a20886299ae8af2ebfb1cdc184ec75a5665fd83971d6e4a5296d2ed23001cbc01eb01e2d653214710e58719c1b8d31113a0e46e6f106826bbaad397c
- SSDEEP
  
  24:e1GSQevP8oN42tGv+zCdd0RdJf6lhof1BEJpyqI7xogNNqtvuPqQV1tLwlWg5dhT:SQc8pzWq2JfIhhPI7M2/LG5dTYP
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  f407939127208a009b9a825cb77ed3c7
- SHA1
  
  051d7fccf3fb544acaa8ab6be590bb4bc79cef82
- SHA256
  
  191fab998e58b66a2416873b06062166b547eb3ba06b1326a4a785a566aaf76d
- SHA512
  
  d45d08823ac7667f071b21d238b7fda43115db3195a442cb17d880d147e8a930374403c970afc31f676f01a83fb9c63e3be047de7e16718a08a1fdbe4b690901
- SSDEEP
  
  192:hzixixDOHhG9db9rd+oSVPECMlh3I8tqDyn/7hwbbHF1QuCb:hOx0DOHqrdwTY6+n/72bbMum
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  c1e153f9fa1001eb9fb34bbc4a3f3927
- SHA1
  
  dfca2dcce9b0486114692a23776191627b0c9839
- SHA256
  
  e594544cc4b4a0a5439a2b9a79db14e580d815c87e353781c47d4eab5e313b8e
- SHA512
  
  d2a7c2853b56f60f710dcea27c346dbd22593c98e5c000c22650613851f26e505b12260bcfc050473e97c2796a91c94a3c201785dad4d95de0b4e2de35c3a41f
- SSDEEP
  
  48:C4ojqpOxUcbslAR1k5eKv8rbvHMgiqCmZuwJQ7TLSMXaIYatzbgAa4l5YAZ:SEeFslARoeK8rDHMgTCmj/MqoRb+4l
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/procdll.dll
- Size
  
  4KB
- MD5
  
  7db3aa454b55d24d6b8266d79f3e8bab
- SHA1
  
  3bab133e42c5e94711f2994b7d57a3746713cf36
- SHA256
  
  291a74090610ebf38b0968ea72fc26cc538fe21eaddf5e1383aa0bccbcb36e60
- SHA512
  
  afeaca5a5d6863eaac9e671ffcf62b12f9ec6b5ab79f10c39d48f248f01d1d4048e95ec0e31dcea8878595192acb42bb8aabec41235377d901fd44db9101c885
Score

3^/10
behavioral10 behavioral9
- Target
  
  ADManage.dll
- Size
  
  180KB
- MD5
  
  5ad390e3f026c8c2689155370b9916a6
- SHA1
  
  bbcd5aa7c5397edf2f38abfebaa9de4d4c9ff268
- SHA256
  
  760897de13236c01fccc367aead3fd1c2fb8c25ff641024edc1ea2de546ad85b
- SHA512
  
  e0768b5849b8651d6b322e7f05371896d949d04006a9afb6596d79a483798947930bd6f913c20c592f44cd505d90dfbb93b2c71ba9615d66375c62960f88b944
- SSDEEP
  
  3072:QrZeWlM6r+LUiVA2yS7eF3PGTM2yotR5f1Jgfg3x3h5Ooy:QrZ3+LUqpIMR5f1qo3x3h5ny
Score

3^/10
behavioral11 behavioral12
- Target
  
  BalloonTip.dll
- Size
  
  152KB
- MD5
  
  95d12d3930b87859d933448788d44e27
- SHA1
  
  fb2d10fecf77c853ae4394579381ee67f4a3e02f
- SHA256
  
  dd81abc1a1602300ddd539856961bda3741b385c3f84c72950a05bc473cab56d
- SHA512
  
  62eb4b6ff7603abb0b205b2c8bc7747be128c09836bde09d2d7e6dce1ecce67c2fbf2e46af9b51b0f3dd72bd36db7eaa47d0645e991d0d85900db9c25845f512
- SSDEEP
  
  1536:4lJ17jt+6LPmeJcI+oQuOIjF1cWzOOZu+Wt8sj5irbKKNsECZDDq4ydZIq:4lJ11BcI+LIcWz/1q8Q5iKqsECZDD8
Score

1^/10
behavioral13 behavioral14
- Target
  
  COMToolKit.dll
- Size
  
  32KB
- MD5
  
  9f34677b2fb33ae7296982317e80c117
- SHA1
  
  7506db6f6ba17262d9dfea5a3f597f4d09f6037e
- SHA256
  
  0440dc7a68bd969155983931f157a9e316cc495803af3f3e4f72cfc36b6d9410
- SHA512
  
  a1fc084e33e86b5f7691515b0154396b0a674938832878532033c142998208fba28e537cc042530e9a46f4383cab0b602af735605be7e587e8c75a70bf8ff5ca
- SSDEEP
  
  384:wprg5MoqC2NjsHirNxRHWJe/J7VjqqbMSiLNyz:CrkJqFNjszWXjjgn5K
Score

1^/10
behavioral15 behavioral16
- Target
  
  CacheFile/ScrWords.htm
- Size
  
  419B
- MD5
  
  8fc900f194ef08949df43e8a6694983d
- SHA1
  
  be5a0b372f4020a6714e1868c066cc3f5f2d0003
- SHA256
  
  b859d97292f935b5ffc14b62535ce6762b495ae2f97d4c5be8ae92e7a2f96384
- SHA512
  
  94a94bd38c1e61c7d1e290388990966e0dc5406c6fa4f6a4b2704474ffce248d1f6f015c609c0ed4a60a2e89c0fa1edcfeaa1d203b6e3d91f93fc7a05df87207
Score

1^/10
behavioral17 behavioral18
- Target
  
  CacheFile/ShowPay.htm
- Size
  
  84B
- MD5
  
  1ff675a7502a317fef7fa3f38ae0a087
- SHA1
  
  0e385b7b75002ef7bb2924f6d467f7394aecc11a
- SHA256
  
  4e241c97594504c6a8f4af958a9c1a476ee83954e1e49195d3a86ce1c274a1c9
- SHA512
  
  9c2814b17eb863a661c0836c42af4311cfec6b96c6837ac996912e73c21abee95e5c0c9edc4f90008e29f7d273dfc507f154519ac8762dfad7c231cf92f1b2fe
Score

1^/10
behavioral19 behavioral20
- Target
  
  CacheFile/index_loge_normal/index.htm
- Size
  
  521B
- MD5
  
  f27c258679f3ab9e5e1eefbaff660851
- SHA1
  
  f5a95c049632406631f58dea367e683293cced44
- SHA256
  
  a418dd9829ab12231827281998ec859c306b7ea5f4f13bdfa843ea2417731389
- SHA512
  
  a79d62783dee77a6b6000f5c3e2b3183564053dc617b7fb5d08876e47f72d1860a7d946c337c4c6d861e5f9ee51bfd9d87ca908033df0ca6186fb7861e8a7dbd
Score

1^/10
behavioral21 behavioral22
- Target
  
  ExceptCatch.dll
- Size
  
  112KB
- MD5
  
  676df65f738e7ca7ed4bef5d321d445f
- SHA1
  
  fedda6fdbcb63005713b98047da55decf28bd1c6
- SHA256
  
  bb57b7430861932e5cebae7126113d8cd8405ed4096aa9178361bf87f6eb611e
- SHA512
  
  05aac2222ad27d2c8dc905c2562af36f310b7ef8520eb0a48ea2411fbe4bf3b94d313feabcdcf6cad34c0f5bdb4d81a5db5a696a754c93e7418a99138f1cdf00
- SSDEEP
  
  1536:qT//RFg2NhmPMdJDQHoo9TlgPXrO6FUJwlqoAE777777cJC0hj+ZCthJ58FEN7et:yRFg2NhEMdJ0IoGONWQHJWZ8hJqE5A
Score

3^/10
behavioral23 behavioral24
- Target
  
  GdiPlus.dll
- Size
  
  1.6MB
- MD5
  
  871c903a90c45ca08a9d42803916c3f7
- SHA1
  
  d962a12bc15bfb4c505bb63f603ca211588958db
- SHA256
  
  f1da32183b3da19f75fa4ef0974a64895266b16d119bbb1da9fe63867dba0645
- SHA512
  
  985b0b8b5e3d96acfd0514676d9f0c5d2d8f11e31f01acfa0f7da9af3568e12343ca77f541f55edda6a0e5c14fe733bda5dc1c10bb170d40d15b7a60ad000145
- SSDEEP
  
  24576:Fk18V2mHkfIE3Ip9vkWEgDecZV3W9kpOuRw8RhWd5Ixwzr6lOboU7j97S9D+z98v:FZNkf+uW3D1ZVG9kVw8I5Rv6lwH9+X
Score

3^/10
behavioral25 behavioral26
- Target
  
  LiveAPI.dll
- Size
  
  44KB
- MD5
  
  7b582c2d7eb4111e0218e6c5c877378e
- SHA1
  
  7f5030ca73f2d0c133f67cf44869f84571b59922
- SHA256
  
  237f1e3da3477ec0feab581bb8b0e47122c76c1605e181c82a56ba7eaa142a32
- SHA512
  
  d68069205942229f7cf4e76146d21e0bf6ac3a0c74d4f5e49afbb6dbad24660b8628e06e0e3e7c73531ecb1f746f162ea9cd1abe2993ae6616928617992679f1
- SSDEEP
  
  384:urrts30+dxZ6x5HZ4blJfM3Jf0nZKhwYzPveGneq3x3bGYlKjzrglwRarU:urG3TT+5HZ4j6f0O7h3Jx2rBa
Score

1^/10
behavioral27 behavioral28
- Target
  
  LiveStream.dll
- Size
  
  296KB
- MD5
  
  a17434584a4aeb837fbe590768b616da
- SHA1
  
  1ae84b5a3816b0257cb94ffc4b4bec1df550802a
- SHA256
  
  08c993d985abf50ed22673bf09bc6a5235cdaa26f76056f4b9588a02022d0eaa
- SHA512
  
  fc5d14ef966abeb537bfb835fe9e525dbb7328e90e061e5e041ffa10cd0ed4019a134f5c88af2d1cbf11a6ea1bbd29e03f82f13588d76317c9f452158f1c1116
- SSDEEP
  
  6144:osUCwFvuiM3JGX631ovAXhacsfMHM1IBTBljfw:o7fvuiM3JGX6+vkYHfaBT3j
Score

1^/10
behavioral29 behavioral30
- Target
  
  MagicFlash.exe
- Size
  
  84KB
- MD5
  
  cdd4379e2cdbb1f89b5bcc280b0c913e
- SHA1
  
  4ae0f8133956d9363bf0a383dbb1126bb2a974fc
- SHA256
  
  8f36523bcca1950b30f843be6a36e913738e738449cd198c6637225620762715
- SHA512
  
  e92aa5c18c9980cb64b4d32799b6018527f56d4588691e6aeec6e39f0b20f979605513cd1417d001b1ff9784f32f57394feefe0f21cf7b7d59465747dd99847b
- SSDEEP
  
  1536:7QgFZGh7VoR/kab8nGZNIOrnToIff/tTI+LpLqXhdJpg:7QgFZGhxKAGZHLTBff/xI+Slg
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32