b3fda1ccc86d46a499cb30575dcbfdf7b7c184ea254ce6b822aa82308b6afa65 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

qz-tray-2....64.exe

windows10-2004-x64

8

Sharing

General

Target

qz-tray-2.2.2-x86_64.exe
Size

86.9MB
Sample

240919-hwtj2sweqh
MD5

0b7ce52792891397d5dfb85ec7f0cb10
SHA1

75fe709af4aafe91d6b0143a0b2e4668c51bec79
SHA256

b3fda1ccc86d46a499cb30575dcbfdf7b7c184ea254ce6b822aa82308b6afa65
SHA512

df01c6e13add7488bf09a0caf1fee3f60f0f3af6e07a55575b16011743f0a3db4a448264d43618bcfe3363d1253732b18d68f2d44b401fa7b2e6a3c737e7444a
SSDEEP

1572864:RcG7SIBUdEABAQTX6fff/SG/WAiRM65vCcmlsNcmMpHsDEvlYONLhmK:RcG2IKdqQL6fqG/E5vJNclpp6WLhmK

Score

8^/10

discovery evasion persistence privilege_escalation

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

qz-tray-2.2.2-x86_64.exe

Resource

win10v2004-20240802-en

discovery evasion persistence privilege_escalation

windows10-2004-x64

25 signatures

1200 seconds

Malware Config

Targets

- Target
  
  qz-tray-2.2.2-x86_64.exe
- Size
  
  86.9MB
- MD5
  
  0b7ce52792891397d5dfb85ec7f0cb10
- SHA1
  
  75fe709af4aafe91d6b0143a0b2e4668c51bec79
- SHA256
  
  b3fda1ccc86d46a499cb30575dcbfdf7b7c184ea254ce6b822aa82308b6afa65
- SHA512
  
  df01c6e13add7488bf09a0caf1fee3f60f0f3af6e07a55575b16011743f0a3db4a448264d43618bcfe3363d1253732b18d68f2d44b401fa7b2e6a3c737e7444a
- SSDEEP
  
  1572864:RcG7SIBUdEABAQTX6fff/SG/WAiRM65vCcmlsNcmMpHsDEvlYONLhmK:RcG2IKdqQL6fqG/E5vJNclpp6WLhmK
Score

8^/10

discovery evasion persistence privilege_escalation
- Modifies Windows Firewall
  evasion
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalation

© 2018-2025

Terms | Privacy