Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

QQLive/@�...��.exe

windows7-x64

3

QQLive/@�...��.exe

windows10-2004-x64

3

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

QQLive/ADManage.dll

windows7-x64

1

QQLive/ADManage.dll

windows10-2004-x64

1

QQLive/ChannelMgr.dll

windows7-x64

1

QQLive/ChannelMgr.dll

windows10-2004-x64

1

QQLive/Common.dll

windows7-x64

1

QQLive/Common.dll

windows10-2004-x64

1

QQLive/Core.dll

windows7-x64

1

QQLive/Core.dll

windows10-2004-x64

1

QQLive/Encrypt.dll

windows7-x64

1

QQLive/Encrypt.dll

windows10-2004-x64

3

QQLive/Exc...ch.dll

windows7-x64

1

QQLive/Exc...ch.dll

windows10-2004-x64

3

QQLive/FMDecoder.dll

windows7-x64

3

QQLive/FMDecoder.dll

windows10-2004-x64

3

QQLive/Fil...on.dll

windows7-x64

1

QQLive/Fil...on.dll

windows10-2004-x64

1

QQLive/GF.dll

windows7-x64

1

QQLive/GF.dll

windows10-2004-x64

1

QQLive/HallMain.dll

windows7-x64

1

QQLive/HallMain.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2024, 14:14 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    QQLive/Common.dll

  • Size

    1.5MB

  • MD5

    7587cf65eba4e9eba2bc1d2d08d56735

  • SHA1

    93a4e0cc9e88e9040939b7a78a68ad946e573d00

  • SHA256

    66f76c269b539ea8fb41f671670028632d9b5e06b46556cf0e0624e84dc65685

  • SHA512

    384a3b08e2f3c7e660d49b200f58f991f09bddce15acfc52a060630c1539ddcc909133b9e516407dff7e32c01df85d4f0bd8fef12dd62b2a91a5a94f2962a410

  • SSDEEP

    24576:kEmbsj7hamVW9Tj64/CG56VDRG/jvbXKUsTx8CujsbX7oh:kEUy7hamVW9JCG565ULuUsTCCb7oh

Score
1/10

Malware Config

Signatures

  • Modifies registry class 64 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\QQLive\Common.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2936
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\QQLive\Common.dll
      2⤵
      • Modifies registry class
      PID:1432

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.