3336982683eb72cddb96d15edef0e2cbfc5fcd3c4b46c8301253b0d92b8f711f | Triage

Sharing

General

Target

ExternalMenu24.rar
Size

67.4MB
Sample

240809-a8lqzaxcra
MD5

519f6b30bb62ee8ff89253fbba77d0ad
SHA1

fa472acbb2a11f424403f2b8a9ab50502f57c504
SHA256

3336982683eb72cddb96d15edef0e2cbfc5fcd3c4b46c8301253b0d92b8f711f
SHA512

236f0759dbe5a3e1938ed7304d1a8fd4b4e5d0b2c3fe7489e0a907c77002a28c6053ab950185493b9972e2669b73d732914075cbb38a7cbb1ca9a22b05a63095
SSDEEP

1572864:ujaU+aax6yfMHevMh47tRuTbEU+6gnhGVY39alYbKXsV9sw:CaxrRvBRDKvXsTH

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  ExternalMenu24/App/dlc/qwbmp.dll
- Size
  
  25KB
- MD5
  
  1d732c1ec60c5569642590a0eeca146d
- SHA1
  
  ca5f87d01eb2766e8b98e36bfe4e3b2710820645
- SHA256
  
  e0e670dab9294df0804b91bdcb27ee1003954e9a2b110dccb3efe948ffd63bd6
- SHA512
  
  5dc11a0022ae6474ba05df3da5c596130c2c28c8a4885a032a039037146a19a8cc1bc08433eb72c4d299a559b2c319e6b029a14d3f85fc0477dd8bd14997c59a
- SSDEEP
  
  384:aBCdQ0WinmFSMiPoWbnnh9fy1Wq13WT44o1wvsEq8HGcN60JLrH:s8oyPfAwoRELvNDJLD
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  ExternalMenu24/App/imageformats/dsengine.dll
- Size
  
  394KB
- MD5
  
  9b2390bae2b8d5955707ef45624ba546
- SHA1
  
  f46f1000de2bdcb5d1758f970400702310dbfad4
- SHA256
  
  f99e42bdf4ec929c76fd54574cec5c81e4fd5f48e2c5673afc69cec3830527b9
- SHA512
  
  0dc2d7d80875e94b76115d082317bf952d981afdfe67597f8d5e089b5839aa19b7c12e14f4484a247bfeba6d310ba21bed1c77daf9f22693f1c6fdd1255cb7cd
- SSDEEP
  
  6144:EQ4utWs6NeB/WMScxHOLCKX4FSP89xMjJQSLbmhNhDzcMWaW80c:EQLWs6CWMRKIFSP89xMjuA
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  ExternalMenu24/App/imageformats/lbGLEv2.dll
- Size
  
  6.8MB
- MD5
  
  90ad3c47740fce98015444d1289af9b9
- SHA1
  
  0135a04b2b590e1647e3a2b123596d62d57fece0
- SHA256
  
  2082c51a86bc8b7cd5e69cf5d43914efe5d939c90503539d657fde7915a95ae1
- SHA512
  
  40bdd65a9fa761bd3835ea9fb8c4c4d90531253d9dc7183d59c2051a627afc8b267d8de7e7478396e9fb779796f2b7e9b012564446671b4ed06427de5e93689e
- SSDEEP
  
  98304:WYasIDptJ/QOjZfU5Q9S6Vaem7EdGSfhgbMKl4F:WJJd59Hk392thgbMim
Score

1^/10
behavioral5 behavioral6
- Target
  
  ExternalMenu24/App/imageformats/libEGL.dll
- Size
  
  331KB
- MD5
  
  d5a1d8edd220546bb28966947603c0ce
- SHA1
  
  9c82abbb1ea0a09f43a95c2c64f27017685d658e
- SHA256
  
  d5c60cd8f183698194cd224657fc3a916200adaecf4afec0dbe1f3f4168d2456
- SHA512
  
  6f4afa5705a008eec2adef0e99fe8f1396134e42c2ed66be664ccd2b155451d2d47662acf20902e0330d818871fdb63ce1cb8ac839bbf0884697c3b0243bdd33
- SSDEEP
  
  6144:a4DEXF+GU1ZAfyMuNB6DAbHCR81qeOwf+8v+WU3H36Dlj3NSuvaxoG8:R8F+pbA2Y81BOwWE+WU3HqZOz8
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  ExternalMenu24/App/imageformats/libGLESv2.dll
- Size
  
  6.8MB
- MD5
  
  90ad3c47740fce98015444d1289af9b9
- SHA1
  
  0135a04b2b590e1647e3a2b123596d62d57fece0
- SHA256
  
  2082c51a86bc8b7cd5e69cf5d43914efe5d939c90503539d657fde7915a95ae1
- SHA512
  
  40bdd65a9fa761bd3835ea9fb8c4c4d90531253d9dc7183d59c2051a627afc8b267d8de7e7478396e9fb779796f2b7e9b012564446671b4ed06427de5e93689e
- SSDEEP
  
  98304:WYasIDptJ/QOjZfU5Q9S6Vaem7EdGSfhgbMKl4F:WJJd59Hk392thgbMim
Score

1^/10
behavioral10 behavioral9
- Target
  
  ExternalMenu24/App/imageformats/mediaservice/cc/qjpeg.dll
- Size
  
  323KB
- MD5
  
  ea85b6bfc6f6bf1c9ae2f14a03cb7503
- SHA1
  
  7ad8d94683ca3d80ac5789fde6e4fa2c4ab8869c
- SHA256
  
  dede0ec14d4fd310f9aed0a81ff36063099915a093e6729d878da3cbbbc7a54b
- SHA512
  
  313cb3a6a241dc4e8f123ad8a57d91ea4ad119b70a8f8ff5ea9857002d48cedc2d59d1687087ae33449860b573d14e0a6800c3dccb51743a0eb32ec127900dbb
- SSDEEP
  
  3072:PjJXnHEpy9ih8dHODa93qetVZl7SCgSaemhwV/b2V+P6OyidpGSUhd1GDRj/xawf:bJXHLjEYiOyizR1j/xatBYeV3Gt5SE
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  ExternalMenu24/App/imageformats/mediaservice/cc/qsqlite.dll
- Size
  
  1003KB
- MD5
  
  e98ba766bb736a59f9e59faa8c5dc542
- SHA1
  
  04a72c2470f9455f4cea173b6a408f860dbcdac8
- SHA256
  
  61f2d69173b63b1341c91b709d48ad4ae0b21f38fdce93e11dd670ba5c257a97
- SHA512
  
  a61cea81a1faae0bca93c07242164a2287649a34518bea9813c5c2d0ef20f5af818e1b13dc0d5d5d7dc4e2f5482171bed6c7db46100dbb60fde273d763e75d92
- SSDEEP
  
  24576:UE7Rq8V/UUNChaqoBYzP+ODUeOEJQY8tm/q5yWO4r666C:Uw56mcTDNzQVvyWOX66C
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  ExternalMenu24/App/imageformats/mediaservice/cc/qsqlmysql.dll
- Size
  
  74KB
- MD5
  
  a404568b72465b58b6f73691500abd20
- SHA1
  
  cea9a8c62beaa8f02e1a79d1fe5c537ce8bf99f1
- SHA256
  
  634ab70e411dde87de14e5d3207a614d0f6a2f2b7d3e62072c40bddbf3b1412d
- SHA512
  
  d38650f052ae9cfadf8f206a123ab13088db15b4116c7e99d851ea1bfb98d0198ff86579cede1d6472b9fc311776e4ea9ee7784a8c35a290f032f23da09711ee
- SSDEEP
  
  1536:lt/BF2QS5LX4trb6USumsbn/MJEA6utsg:lt/n2QSkbSXsbn/MJEAT
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  ExternalMenu24/App/imageformats/mediaservice/cc/qsqlodbc.dll
- Size
  
  98KB
- MD5
  
  b0b9263aada0e1d13d019c2c77238034
- SHA1
  
  9365f006b072622db775c3056a9a3c8f5d028c03
- SHA256
  
  1a180319f7719dea47b033fdde38f642041a0e84280595a7e53ce87a2653bc48
- SHA512
  
  b8cdbc655903f1b5b7dd71e771464c07dd4f284e6f6e77d34afec2f6c4dab2c27e020ff7efc205afbce6d1641bd1b495f24d84b65f7c67d52911afb92627e914
- SSDEEP
  
  3072:JL7Z21oereiCR95E24hL9MT/koswsfEiUv:uotiCRT14hG/koswsfE
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  ExternalMenu24/App/imageformats/mediaservice/cc/qsqlpsql.dll
- Size
  
  83KB
- MD5
  
  6ddbdde4adb1d74f117fcbffa8212559
- SHA1
  
  be2a0c1f029593f75863dd61c977f70c4f052519
- SHA256
  
  5f3c4f9e5407ef1fc8b6990efd13be27f82e476fb440dc0fd38f590b694e05d4
- SHA512
  
  329e234f22f6817a9c70c08fd8b7cbf7a6a6ef545810ecce9f2b38571208d90bc71b62b3e39e619e327667a4bd0e422815dea81235d240a8a46ab433a4e23eb8
- SSDEEP
  
  768:TT2LOMUJ1jXRVyxSZfBe12dXnToLZkYo863N3AYt2Ii7Cv0iqtu3mWkcpVZ27nEH:ThMOMSZc19y56iq5Wkco7nEiHh4
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  ExternalMenu24/App/imageformats/mediaservice/cc/qsvg.dll
- Size
  
  27KB
- MD5
  
  5b12172e7a77025c147b43902993bef6
- SHA1
  
  6a1661855205f3d2f626ab610f9cf85fc176efaf
- SHA256
  
  f16b98631008a93804a2c7454591cd3ce771ce14a2d4746038173b63e65c7c8b
- SHA512
  
  2aa5e08125b440d3167bc5a374fc8dfd936eb6d174073075da27f2aa182f2c026684e72b84ac41e086885a339424f3cdd0704aba4a5bbcc588fa318c99ff5a5d
- SSDEEP
  
  384:jIeF0+bfSUjzlod5xsIRli1EUtyNIyNrwvsE48xWo5DLTP:vjhodfsIRE1gNpNfEznHTP
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  ExternalMenu24/App/imageformats/mediaservice/cc/qtmedia_audioengine.dll
- Size
  
  65KB
- MD5
  
  c21b05335a41a27ffa9a030e7b3d9b7d
- SHA1
  
  da9fbd8fb146ae92065daf8e34eaa1cfb9543599
- SHA256
  
  3dc7273fc6d0240f987d0d605fe357b45dc864a7fd956a498872a20b16327286
- SHA512
  
  5461b3594dff87487cd8d4787becea6b35abe441e69932a475d77783d02076f4996a4394b1c364a74b15f74f1d6b5334250820ecaa03450c2a788f3326c81999
- SSDEEP
  
  1536:EmIYjQDJGtyTwk+yzmzk3vgNJZOZbEWGmb+Q:EmIfFKy8k+yzmp1kbEWGhQ
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  ExternalMenu24/App/imageformats/mediaservice/dsengine.dll
- Size
  
  394KB
- MD5
  
  9b2390bae2b8d5955707ef45624ba546
- SHA1
  
  f46f1000de2bdcb5d1758f970400702310dbfad4
- SHA256
  
  f99e42bdf4ec929c76fd54574cec5c81e4fd5f48e2c5673afc69cec3830527b9
- SHA512
  
  0dc2d7d80875e94b76115d082317bf952d981afdfe67597f8d5e089b5839aa19b7c12e14f4484a247bfeba6d310ba21bed1c77daf9f22693f1c6fdd1255cb7cd
- SSDEEP
  
  6144:EQ4utWs6NeB/WMScxHOLCKX4FSP89xMjJQSLbmhNhDzcMWaW80c:EQLWs6CWMRKIFSP89xMjuA
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  ExternalMenu24/App/imageformats/mediaservice/mediaservice/dsengine.dll
- Size
  
  394KB
- MD5
  
  9b2390bae2b8d5955707ef45624ba546
- SHA1
  
  f46f1000de2bdcb5d1758f970400702310dbfad4
- SHA256
  
  f99e42bdf4ec929c76fd54574cec5c81e4fd5f48e2c5673afc69cec3830527b9
- SHA512
  
  0dc2d7d80875e94b76115d082317bf952d981afdfe67597f8d5e089b5839aa19b7c12e14f4484a247bfeba6d310ba21bed1c77daf9f22693f1c6fdd1255cb7cd
- SSDEEP
  
  6144:EQ4utWs6NeB/WMScxHOLCKX4FSP89xMjJQSLbmhNhDzcMWaW80c:EQLWs6CWMRKIFSP89xMjuA
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  ExternalMenu24/App/imageformats/mediaservice/mediaservice/qico.dll
- Size
  
  35KB
- MD5
  
  a58534a6abee4634fde27d26a85ac9e2
- SHA1
  
  49f582abe8132fe7489048440ca69599f81a6523
- SHA256
  
  47812f285c6fa9114f4a25fb4747a4e48259c4869974dc59bc72981312fee25b
- SHA512
  
  c8f0a6e2907d9d1bb85a83ba66fb6decf16587e9599699db06af3cbd7415a0f356c34cfeaa2d38f8c780028323460c73f26a62c4617a5e3aa63892d3b5d90a26
- SSDEEP
  
  384:uojQ0KCD1k7SeinbfMarSR+2YgVPH6ok7U0i3FK2i2wamrKYe3woUE258rwaZLsX:DLqlNOU0gzZUeuE9BVs4S
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  ExternalMenu24/App/imageformats/mediaservice/mediaservice/qjpeg.dll
- Size
  
  323KB
- MD5
  
  ea85b6bfc6f6bf1c9ae2f14a03cb7503
- SHA1
  
  7ad8d94683ca3d80ac5789fde6e4fa2c4ab8869c
- SHA256
  
  dede0ec14d4fd310f9aed0a81ff36063099915a093e6729d878da3cbbbc7a54b
- SHA512
  
  313cb3a6a241dc4e8f123ad8a57d91ea4ad119b70a8f8ff5ea9857002d48cedc2d59d1687087ae33449860b573d14e0a6800c3dccb51743a0eb32ec127900dbb
- SSDEEP
  
  3072:PjJXnHEpy9ih8dHODa93qetVZl7SCgSaemhwV/b2V+P6OyidpGSUhd1GDRj/xawf:bJXHLjEYiOyizR1j/xatBYeV3Gt5SE
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32