6710f6c71ba74736003dcfd8fd0fc64e918cfa6fc923bd6fbf8bcecebfb4826f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

win32-Quickq1.5.6.exe

windows7-x64

3

win32-Quickq1.5.6.exe

windows10-2004-x64

7

Sharing

General

Target

win32-Quickq1.5.6.exe.v
Size

115.6MB
Sample

241001-g2knnayemc
MD5

2fa7d6bc7f4104ef801e07c55e1366c2
SHA1

3b8444be310dafe100072e5cec8530f92c70f941
SHA256

6710f6c71ba74736003dcfd8fd0fc64e918cfa6fc923bd6fbf8bcecebfb4826f
SHA512

7bf5d58a9d707d8a1ef74a74436ecdae58a654ff94e5006ab2fb98c3bed20088ad09dbcd8ba4a1e4ca92b7c8036cbeb3dfa3ba06290b65da7f4ccc9ecfb7c52d
SSDEEP

3145728:eQwQQ81Cvx8qC2G3fwe8O2YxkkCa+w0SPh5BU70yfJS:LxQ2CvyPpnxKJwdJ1yf

Score

7^/10

discovery evasion trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

win32-Quickq1.5.6.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

win32-Quickq1.5.6.exe

Resource

win10v2004-20240802-en

discovery evasion trojan

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  win32-Quickq1.5.6.exe.v
- Size
  
  115.6MB
- MD5
  
  2fa7d6bc7f4104ef801e07c55e1366c2
- SHA1
  
  3b8444be310dafe100072e5cec8530f92c70f941
- SHA256
  
  6710f6c71ba74736003dcfd8fd0fc64e918cfa6fc923bd6fbf8bcecebfb4826f
- SHA512
  
  7bf5d58a9d707d8a1ef74a74436ecdae58a654ff94e5006ab2fb98c3bed20088ad09dbcd8ba4a1e4ca92b7c8036cbeb3dfa3ba06290b65da7f4ccc9ecfb7c52d
- SSDEEP
  
  3145728:eQwQQ81Cvx8qC2G3fwe8O2YxkkCa+w0SPh5BU70yfJS:LxQ2CvyPpnxKJwdJ1yf
Score

7^/10

discovery evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasiontrojan

© 2018-2025

Terms | Privacy