4969529f962c7cbbb1c368b92dd2f99131c3ad6e5a12919b8aee8b47c92beacf

Sharing

Copy URL

Twitter E-mail

General

Target

QDeskSetup1.1.1.6.exe
Size

10.1MB
Sample

240329-nzkdfagg89
MD5

413fd3e1d20e10b93ceb366b51bf6f53
SHA1

e8a7d0c2ad2b4f923b56edecb547304f433eda07
SHA256

4969529f962c7cbbb1c368b92dd2f99131c3ad6e5a12919b8aee8b47c92beacf
SHA512

9b90b7ff03decc5154cc8e07a40e0d7f73fe7e110809550957d3fc841526c62a6ca785c417ae717e9cad7ebd3cc96fbb96d304933fc5b79b26c71e27f85081fd
SSDEEP

196608:FC6Dc8zspBYxPYvYWAi19y5bx+ys/4OLQAFzTk9xRCk2KINKwXOIdpyVJ6:Fvzsp3vYm85b8yslZTcF8tXkI

Score

8^/10

Malware Config

Targets

- Target
  
  QDeskSetup1.1.1.6.exe
- Size
  
  10.1MB
- MD5
  
  413fd3e1d20e10b93ceb366b51bf6f53
- SHA1
  
  e8a7d0c2ad2b4f923b56edecb547304f433eda07
- SHA256
  
  4969529f962c7cbbb1c368b92dd2f99131c3ad6e5a12919b8aee8b47c92beacf
- SHA512
  
  9b90b7ff03decc5154cc8e07a40e0d7f73fe7e110809550957d3fc841526c62a6ca785c417ae717e9cad7ebd3cc96fbb96d304933fc5b79b26c71e27f85081fd
- SSDEEP
  
  196608:FC6Dc8zspBYxPYvYWAi19y5bx+ys/4OLQAFzTk9xRCk2KINKwXOIdpyVJ6:Fvzsp3vYm85b8yslZTcF8tXkI
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  20f3184efe7edddfef3325efc25d12a5
- SHA1
  
  8db4c500d73f9525a7e9834df6caea2e70189939
- SHA256
  
  0e014352b64abc431d97460d79757cbafbf6ba997c08b608c294e1f582af269a
- SHA512
  
  433188957a4603c9c61ec698a720021aacf61f46ccc32d5a11bcb6f2d0b1f01e5680635707d8a0ec7a9ef2aa2a85d6dec07ded452e4cb9e280062c0bed555c1a
- SSDEEP
  
  192:v4n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjWK72dwF7dBOne:wn3T5KdHCMRD/R1cOnrjW+BO
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  ea60c7bd5edd6048601729bd31362c16
- SHA1
  
  6e6919d969eb61a141595014395b6c3f44139073
- SHA256
  
  4e72c8b4d36f128b25281440e59e39af7ec2080d02e024f35ac413d769d91f39
- SHA512
  
  f9dc35220697153bb06e3a06caf645079881cb75aed008dbe5381ecaf3442d5be03500b36bbca8b3d114845fac3d667ddf4063c16bc35d29bbea862930939993
- SSDEEP
  
  48:im1nEhqneMPUptuMMNvimk2BAZuMTRCpYEvJdUJvR0J6of5dwe:F1jpl9NLBAZuYtR0xd
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  b38561661a7164e3bbb04edc3718fe89
- SHA1
  
  f13c873c8db121ba21244b1e9a457204360d543f
- SHA256
  
  c2c88e4a32c734b0cb4ae507c1a9a1b417a2375079111fb1b35fab23aedd41d9
- SHA512
  
  fedcaac20722de3519382011ccf22314af3edcd11b69f814db14710966853b69b9b5fc98383edcdb64d050ff825264eaba27b1c5adfe61d1fc9d77f13a052ced
- SSDEEP
  
  96:f7GUxNkO6GR0t9GKKr1Zd8NHYVVHp4dEeY3kRnHdMqqyVgNPS3e:zXhHR0aTQN4gRHdMqJVgNPR
Score

3^/10
behavioral7 behavioral8
- Target
  
  D3DCompiler_43.dll
- Size
  
  2.4MB
- MD5
  
  ada0c39d4eacdc81fd84163a95d62079
- SHA1
  
  207321f1b449985b2d06ed50b989fa6259e4eb8e
- SHA256
  
  44c3a7e330b54a35a9efa015831392593aa02e7da1460be429d17c3644850e8a
- SHA512
  
  1afc63db5d2030b76abc19094fc9fef28cc6250bd265294647e65db81f13749c867722924460f7a6021c739f4057f95501f0322cdec28a2101bf94164557a1a5
- SSDEEP
  
  49152:zf59zPxKcvHzDB6t3+C0/aJfyLg7Ie4Xy+5j4m2CTB:M2642o7lftd
Score

1^/10
behavioral10 behavioral9
- Target
  
  D3DX9_43.dll
- Size
  
  2.3MB
- MD5
  
  7160fc226391c0b50c85571fa1a546e5
- SHA1
  
  2bf450850a522a09e8d1ce0f1e443d86d934f4ad
- SHA256
  
  84b900dbd7fa978d6e0caee26fc54f2f61d92c9c75d10b35f00e3e82cd1d67b4
- SHA512
  
  dfab0eaab8c40fb80369e150cd36ff2224f3a6baf713044f47182961cd501fe4222007f9a93753ac757f64513c707c68a5cf4ae914e23fecaa4656a68df8349b
- SSDEEP
  
  49152:dbCJsk4VlPXA+15Om5wxw9Qsi55K+31BhZ64nW:YIIBnW
Score

1^/10
behavioral11 behavioral12
- Target
  
  VMProtectSDK64.dll
- Size
  
  137KB
- MD5
  
  7b8b2bb42d9d5ae888386688ecb1b62b
- SHA1
  
  1fee3271275f94ac38606d527718f41e0c77df8f
- SHA256
  
  687471f60ea1c422e3daf389ae49b0f24013993d1cb40eb0f7dc1f7ca3953829
- SHA512
  
  afe10d3b482f3b46bebe7fcd13e4ff871144eb6ba2a09ec669491b7223a29049890e6723fd204a48123a3e15cb0ff6aae693d9d9424eb521a677728628b00106
- SSDEEP
  
  3072:gmcqYHq7Aiytzg2ScpvgJcG5sqYX6UdHMlBSMfxumsWsxQ:p0Hq7AiyegZgJZSXlsHumZX
Score

1^/10
behavioral13 behavioral14
- Target
  
  avcodec-58.dll
- Size
  
  5.1MB
- MD5
  
  4c9541d620fa01a88096ba010cb15a45
- SHA1
  
  d3f5e6fe39a11972b86baefef151f57cea364b60
- SHA256
  
  fd7d1a0cfb17b20e4e7aa422cd769aa6f84b2fdad1ae32679da0442f8efcd0da
- SHA512
  
  9654e98a0d1305ad83281a1499a4d1e64954c7cd10d164b5b1aebc434fe0a9bdbe0a97f576779b450054760e7e6284dce60461922f6d5417d240f03410bf9133
- SSDEEP
  
  49152:FL0uNOto7fbxpUJ8wdb+vJGpHgrqfjVJfU7mggp9N+ui684YgSlFuqMHIuZfvsDg:Z6txsoTp2Fmj1MET
Score

1^/10
behavioral15 behavioral16
- Target
  
  avdevice-58.dll
- Size
  
  742KB
- MD5
  
  249609ca649419f2bff0bd551f8f4307
- SHA1
  
  7a10c99216ef7ad0a726cb5d987fb94a5fd68cd9
- SHA256
  
  28ab8d61b11fd59d4140bbf840c2c6d122849c659fbfd55a94591ffac93e1820
- SHA512
  
  5ca215f007803c7b76fb1c59ba605be7b178349451ba1e85cf04189b69f82b70ae9ea6a3d904a574fe6c89228fc3ec4a4c411b77f578ee9a3e56f4f7481e002b
- SSDEEP
  
  12288:Ot+jc50Dcgc0uqCfktrocWGueTp8HWqdIKDGMB8HPPf1Hvkg:OscRKMUvph
Score

1^/10
behavioral17 behavioral18
- Target
  
  avfilter-7.dll
- Size
  
  866KB
- MD5
  
  dededd74847c95f350997f4040306582
- SHA1
  
  2c110944d03dc51e2ec56c94dbfc59f8c13d0661
- SHA256
  
  f3251ea3576d3a485e46fe4d58c75fd582a03deebd9733d2bed927ef3bef783e
- SHA512
  
  82faab8e71b5c15a3ce409b66ec9fa6f148cc97b529e38f70c31fc9c11d4101efbc89800665152c3c2b7510d2cf9fa2c486179228a23feb4f204f12a84c8a05e
- SSDEEP
  
  12288:s9gRg6A65tWBYU0UiNxiy971QePs1qcmDzL55jHxeKXAxeydoPbTB47rbT/qOOH:s9sA6jWYyIq7/Ly
Score

1^/10
behavioral19 behavioral20
- Target
  
  avformat-58.dll
- Size
  
  1.4MB
- MD5
  
  5129f93a7bbac7add6d09ef88bb4cf62
- SHA1
  
  8564612022217057e3c7f71b2eb668649038cad9
- SHA256
  
  9b1d5411c7fe82445d18357dec23d65b3fdf847cef859890790c5ced2f6d772a
- SHA512
  
  3a1607a766cc826d8ac9260a081d9d1f8dc271dab5c905ac9b225d69c46740fbb4e9c618d73b4b6bbc3ec78f473a53a1120a8b9cd837702c5996df08245d3026
- SSDEEP
  
  24576:ZrkmlDjXJgj6MYftbkuq2Gf3AIJ3h4nxHbo4:ZrkmlDljT1bkPpab
Score

1^/10
behavioral21 behavioral22
- Target
  
  avutil-56.dll
- Size
  
  1.7MB
- MD5
  
  a520f5a764475e94683d828d10712e71
- SHA1
  
  9350aad6aefc1048bfa7ac5f6904761738da8574
- SHA256
  
  119aa80048dba643eadb92365e528b00828816e4cc1ed2e728722d30d7162a45
- SHA512
  
  814eceac5db2923eaeb69b5d031fbbd2d058ea536eaa7dfe9d8ff41db303500aa61304cb0bb504f418d1f54152ea38f0f734daa03cbf8e481305f5b4dd62c131
- SSDEEP
  
  24576:AZnPnqByxoxsqx06jzE/5sI+PsYzaRLn:QYeoxsE4XR
Score

1^/10
behavioral23 behavioral24
- Target
  
  breakpad.dll
- Size
  
  172KB
- MD5
  
  49b6c7dcac177701058dc1d2f91b0dc2
- SHA1
  
  9023fbeed8d705f59fc009f930e4b392008cb594
- SHA256
  
  79e48d9d160ac433235c3a350c5baf79b2eefc26c2d3ac2d2207ffab716b540d
- SHA512
  
  e097cfa5406ebd938428a77b4e4ff745186f6719f0af05027a4bec943a755b61888f099e8c8d732cd1c528c50f1d9d79b86383a73f0dea213d56815e7470e46a
- SSDEEP
  
  3072:ygLrmgUuiRhQZiGU5PxfeG3UytoywwJaZaXn/rxrtOUqo:ygLSfuifQYGSJ2G3U9ywlZWmf
Score

1^/10
behavioral25 behavioral26
- Target
  
  d3dx11_43.dll
- Size
  
  270KB
- MD5
  
  9d6429f410597750b2dc2579b2347303
- SHA1
  
  e35acb15ea52f6cd0587b4ca8da0486b859fd048
- SHA256
  
  981e42629df751217406e7150477cddc853b79abd6a8568a1566298ed8f7bd59
- SHA512
  
  46cbfb1e22c3f469bdc80515560448f6f83607fd6974bb68b9c7f86ca10c69878f1312b32c81c0f57b931c43bad80bd46bdf26ab4ffb999abb0b73de27ad7c56
- SSDEEP
  
  3072:iCWVWFOaVgP7BzvjYlTc91N6Vkg4eK6DvDBcMqpcJbMYBu1+Iz54+vJq9o:EWw4gPdz7YlTc91i1DLopYMvIIO
Score

1^/10
behavioral27 behavioral28
- Target
  
  driver/devcon.exe
- Size
  
  80KB
- MD5
  
  a9b2b49cc4457ad9d63b10c4fd6c9748
- SHA1
  
  358179dc6acaca3101c3b6f8af4d471267576d63
- SHA256
  
  270836795917367e22d843df92a535004143515e9ea9bbdeb056a27c82ad6daa
- SHA512
  
  8b958943667d73d479e3943f752248bdf13f3c7f242d2ca7ac13ca81a7318e737b78e3172a726c7de040c9ae442ee9fb53245153f6f3d965562070c6f097f34a
- SSDEEP
  
  1536:Loy+W1WjEMnRJod1WoIkOFc5V62nFMqO7WM:LhePRKWpkecC2FM3W
Score

1^/10
behavioral29
- Target
  
  driver/idd/qdeskidd.dll
- Size
  
  84KB
- MD5
  
  2d19eb605ca6654666c45739bc467fa3
- SHA1
  
  ee9d9603d1182b0f41b8dd50c4b502b3d28bf634
- SHA256
  
  3dc27c2c533fc448bd7d7a3920d11fbe024f7d16464f1f4cd346796a5844b69f
- SHA512
  
  76b94449a2a13aaf6d27e31d3f415e0de4b96a19c174cb4f2fed1e85ed76f8b157fa5bb46cb26e8d86d9f68480eb26553dfe0a066b1a94944ebfa8c6fad0e20b
- SSDEEP
  
  768:jTK5Px4bVck4FdPmaq4vDI9zvoWyXWAiQUW51p4wkbgvPNDVs3XAYBEpYinAMxC5:fw0wwqdTpPLHPaXAYq7HxIhzr7MTxK
Score

1^/10
behavioral30
- Target
  
  driver/install.bat
- Size
  
  913B
- MD5
  
  e304283c4c158fed4e877bcf1c21df7d
- SHA1
  
  2991be31c6a1070acd7f2eea883c3ea2e91d1748
- SHA256
  
  931170d763dbbf046aac972d548a182c473957714db63d99133ae65240459916
- SHA512
  
  085a96602d5b055dcec3e57799ff89a8f1e3da89434be36e03592ca015ede060bdd4c05201da2126e4c60509f5508a49efe83ec2825a77dd496c6ec3e64be099
Score

8^/10
- Drops file in Drivers directory
- Drops file in System32 directory
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Drops file in Drivers directory

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32