Overview

overview

7

Static

static

3

Hjqq_V3.6.1_crsky.exe

windows7-x64

7

Hjqq_V3.6.1_crsky.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Config.exe

windows7-x64

1

Config.exe

windows10-2004-x64

1

Hujiao.dll

windows7-x64

1

Hujiao.dll

windows10-2004-x64

1

SonicUI.dll

windows7-x64

1

SonicUI.dll

windows10-2004-x64

1

msimg32.dll

windows7-x64

1

msimg32.dll

windows10-2004-x64

1

patcher.exe

windows7-x64

1

patcher.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

QQ.exe

windows7-x64

1

QQ.exe

windows10-2004-x64

1

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/04/2024, 19:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Hjqq_V3.6.1_crsky.exe

  • Size

    3.4MB

  • MD5

    84b2fc1a9b64cbf797dd779b2e623f52

  • SHA1

    7745fbef89fd0a3c03479f4640a0ad658da24188

  • SHA256

    df9fb4c8efa15ad3cbb11163451c8a13a14cb87d1912baeb64c84c205f524d21

  • SHA512

    edd263821e3ffee9fc1d8d2c948fd42c53639a117825ea5d7c226cddf9f45828239f59830c18af4ef226cd5cfc7c3b2472b80bcf67927feff1261df7c72f5970

  • SSDEEP

    49152:fcGtLN+9lrGyzMuViLDrDbLoIdzTJ+p8sqjdCP3qMowzhtkzemReRx1nJKTwtJW:fcGX+l1RVErDbLoK/JjTjd63U6oD+TrW

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\Hjqq_V3.6.1_crsky.exe
    "C:\Users\Admin\AppData\Local\Temp\Hjqq_V3.6.1_crsky.exe"
    1⤵
    • Loads dropped DLL
    PID:3756

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsm3355.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    32aa6334fc543e70ef0f792bb9a0c45a

    SHA1

    54be1f5004f7e5afe7c9ba160495076ea2a4d60c

    SHA256

    610e54bcfc2831d4f9d7030ceb16d35ee33006403d842f01b6e75bebea0083e2

    SHA512

    ac92116821a032de8df64bf9aea9c6ba4040467eebaa4e028c2bf031f1c81bb69531288b9d89d951b952fe0b4ecccade874a5ae76d04db8b4dee2d13c486f9ae

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsm3355.tmp\ioSpecial.ini
    Filesize

    701B

    MD5

    fe90e72c6937aebce0a42e26f5f6790f

    SHA1

    d88cfaa1fcacf29117ceb0151351731d96e72ef6

    SHA256

    d9cd2fd7b0b8aa4503e06bcdc940e863689e95cf3c9843da508d87b0d247ddcb

    SHA512

    19d8dd8dfc11968b4f8e3199891761f9a4dbd3c5b803b074d0213070805871ce69f66900205475e2b23ebb204647d470ba9ad68c09733bd48fe6fe6a3f0ea16e

    Download Submit