96bac43faac2b1fa5e0bc495975b2e642af5da181e313a9c8f541912b83c0edb | Triage

Sharing

General

Target

qbittorrent_4.6.4_x64_setup_1.exe
Size

34.0MB
Sample

240902-rgel1ssgqg
MD5

918224925563095d15dbab7c34b3bf17
SHA1

33902285adf411e5824547e849a4adcfc6531114
SHA256

96bac43faac2b1fa5e0bc495975b2e642af5da181e313a9c8f541912b83c0edb
SHA512

4d6bd949693ea60671ddb8dc19ec87d8e02bf4888aca290318488ca696e495e13bf49161ac8f75cfff9befb72589ab2bedcd1138fa9d81c5bf071191d6344b28
SSDEEP

786432:7KMXiEtPqJO5MB3/UOd64S49KmFRc85C2uWF3Dzn:7DXioy0DOd6o1HtuW5/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  qbittorrent_4.6.4_x64_setup_1.exe
- Size
  
  34.0MB
- MD5
  
  918224925563095d15dbab7c34b3bf17
- SHA1
  
  33902285adf411e5824547e849a4adcfc6531114
- SHA256
  
  96bac43faac2b1fa5e0bc495975b2e642af5da181e313a9c8f541912b83c0edb
- SHA512
  
  4d6bd949693ea60671ddb8dc19ec87d8e02bf4888aca290318488ca696e495e13bf49161ac8f75cfff9befb72589ab2bedcd1138fa9d81c5bf071191d6344b28
- SSDEEP
  
  786432:7KMXiEtPqJO5MB3/UOd64S49KmFRc85C2uWF3Dzn:7DXioy0DOd6o1HtuW5/
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  3KB
- MD5
  
  b4faf654de4284a89eaf7d073e4e1e63
- SHA1
  
  8efcfd1ca648e942cbffd27af429784b7fcf514b
- SHA256
  
  c0948b2ec36a69f82c08935fac4b212238b6792694f009b93b4bdb478c4f26e3
- SHA512
  
  eef31e332be859cf2a64c928bf3b96442f36fe51f1a372c5628264a0d4b2fc7b3e670323c8fb5ffa72db995b8924da2555198e7de7b4f549d9e0f9e6dbb6b388
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  50016010fb0d8db2bc4cd258ceb43be5
- SHA1
  
  44ba95ee12e69da72478cf358c93533a9c7a01dc
- SHA256
  
  32230128c18574c1e860dfe4b17fe0334f685740e27bc182e0d525a8948c9c2e
- SHA512
  
  ed4cf49f756fbf673449dca20e63dce6d3a612b61f294efc9c3ccebeffa6a1372667932468816d3a7afdb7e5a652760689d8c6d3f331cedee7247404c879a233
- SSDEEP
  
  48:S46+/pTKYKxbWsptIp5tCZ0iVEAWyMEv9v/ft2O2B8m/ofjLl:zbuPbO5tCZBVEAWyMEFv2CmCL
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  4add245d4ba34b04f213409bfe504c07
- SHA1
  
  ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
- SHA256
  
  9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
- SHA512
  
  1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
- SSDEEP
  
  192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  14KB
- MD5
  
  adb29e6b186daa765dc750128649b63d
- SHA1
  
  160cbdc4cb0ac2c142d361df138c537aa7e708c9
- SHA256
  
  2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08
- SHA512
  
  b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada
- SSDEEP
  
  192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1d8f01a83ddd259bc339902c1d33c8f1
- SHA1
  
  9f7806af462c94c39e2ec6cc9c7ad05c44eba04e
- SHA256
  
  4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed
- SHA512
  
  28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567
- SSDEEP
  
  96:o4Ev02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YsNqkzfFc:o4EvCu5e81785qHFcU0PuAw0uyGIFc
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsisFirewallW.dll
- Size
  
  8KB
- MD5
  
  f5bf81a102de52a4add21b8a367e54e0
- SHA1
  
  cf1e76ffe4a3ecd4dad453112afd33624f16751c
- SHA256
  
  53be5716ad80945cb99681d5dbda60492f5dfb206fbfdb776b769b3eeb18d2c2
- SHA512
  
  6e280a75f706474ad31b2ce770fa34f54cb598528fac4477c466200a608b79c0f9b84011545595d9ba94331ad08e2f51bd42de91f92379db27686a28ba351256
- SSDEEP
  
  96:8SMPv+eLDUDp+weLv2lstU+0IgNB2Aa20kdArfOwJKbFrMiRsuHdRYL:wnxLDUwp6sgN2RDrzJMMmsuYL
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  qbittorrent.exe
- Size
  
  30.8MB
- MD5
  
  b9dfd00c5fbb9cfaa2c4e1b3f9e218bf
- SHA1
  
  4dad2d51c73dffdd2cfc4d17146ac0253d74e3bf
- SHA256
  
  1fac780feaa2e263dbd0ee2103d1815d97b4d6a676f5b83e9320120dc15ee6bb
- SHA512
  
  baec0664acfb41b96939f6462df5b9390f6cec16e71960f77ead222ad2bdf7f5f8bc4cb1937413472d4abe1ff6053eb8e89a9a6291c7b979138272dac780ab6c
- SSDEEP
  
  393216:Q943f9XQuqc+GJi2piZ09Br9UhfrZfndOj/HS4UfrBq9BKFdu9CwJsv6t/kubD:QuZfyrZgqrAZbD
Score

1^/10
behavioral15 behavioral16
- Target
  
  uninst.exe
- Size
  
  140KB
- MD5
  
  f32962b1f79d5132fff8267a04b9c46c
- SHA1
  
  d7886c2c455b72259281a768bb9d149a1aa44eb7
- SHA256
  
  c917c60b1bb35ed4677b1631c3b06574fc034fd45ed901051545396ff74a783c
- SHA512
  
  fcc1fad8532eb5c94953a7ed3235de29f83732ed62db5b326c758711610d89befb0cca213a2f3bb15768530ddb3fb2a4483ee1bc9cdec51c5841a6998aebe170
- SSDEEP
  
  3072:dnPdzuK8Jdw4TMJw3uXceAu3qPgn2yiG01NiP9roOVkMVoIq5X7o:dnPdudwDzmuPn2yimP99lxn
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  3KB
- MD5
  
  b4faf654de4284a89eaf7d073e4e1e63
- SHA1
  
  8efcfd1ca648e942cbffd27af429784b7fcf514b
- SHA256
  
  c0948b2ec36a69f82c08935fac4b212238b6792694f009b93b4bdb478c4f26e3
- SHA512
  
  eef31e332be859cf2a64c928bf3b96442f36fe51f1a372c5628264a0d4b2fc7b3e670323c8fb5ffa72db995b8924da2555198e7de7b4f549d9e0f9e6dbb6b388
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  50016010fb0d8db2bc4cd258ceb43be5
- SHA1
  
  44ba95ee12e69da72478cf358c93533a9c7a01dc
- SHA256
  
  32230128c18574c1e860dfe4b17fe0334f685740e27bc182e0d525a8948c9c2e
- SHA512
  
  ed4cf49f756fbf673449dca20e63dce6d3a612b61f294efc9c3ccebeffa6a1372667932468816d3a7afdb7e5a652760689d8c6d3f331cedee7247404c879a233
- SSDEEP
  
  48:S46+/pTKYKxbWsptIp5tCZ0iVEAWyMEv9v/ft2O2B8m/ofjLl:zbuPbO5tCZBVEAWyMEFv2CmCL
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  4add245d4ba34b04f213409bfe504c07
- SHA1
  
  ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
- SHA256
  
  9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
- SHA512
  
  1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
- SSDEEP
  
  192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  14KB
- MD5
  
  adb29e6b186daa765dc750128649b63d
- SHA1
  
  160cbdc4cb0ac2c142d361df138c537aa7e708c9
- SHA256
  
  2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08
- SHA512
  
  b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada
- SSDEEP
  
  192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/nsisFirewallW.dll
- Size
  
  8KB
- MD5
  
  f5bf81a102de52a4add21b8a367e54e0
- SHA1
  
  cf1e76ffe4a3ecd4dad453112afd33624f16751c
- SHA256
  
  53be5716ad80945cb99681d5dbda60492f5dfb206fbfdb776b769b3eeb18d2c2
- SHA512
  
  6e280a75f706474ad31b2ce770fa34f54cb598528fac4477c466200a608b79c0f9b84011545595d9ba94331ad08e2f51bd42de91f92379db27686a28ba351256
- SSDEEP
  
  96:8SMPv+eLDUDp+weLv2lstU+0IgNB2Aa20kdArfOwJKbFrMiRsuHdRYL:wnxLDUwp6sgN2RDrzJMMmsuYL
Score

3^/10

discovery
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28