General

  • Target

    Qualcomm-HS-USB-QDLoader-9008-Driver.zip

  • Size

    17.0MB

  • Sample

    241114-dzzs1stgqm

  • MD5

    357dab5497f78ffa3afb9a7e145d8930

  • SHA1

    79e38c84ca38cec95cd6b43947acd8dfb15ab5c4

  • SHA256

    13f4930d50147bf979600dce87868815732f6bfebc182c6fd82270f55e6ab04e

  • SHA512

    5bbb4742893e9b6109ec759954f6065f42652538b4245e42986c0c57da0df1ec0cdf41466206c660ef4f4c2770c35eddd1e1471b8c6c91ca63472663c8662db2

  • SSDEEP

    393216:hifFf0ZeSN/xCji98lHz0ABvXeCaerhVN/MoKSe2k79:AdfKeqEjim900u5erH6oKSe2M
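Before handling a downloaded copy of this package, confirm it is the sample the report analysed and see whether the installers carry a valid Authenticode signature. The script below is an added example for this page, not part of the sandbox output; the two paths at the top are placeholders, and the SHA256 values are copied from the hashes listed in this report. Run it on a clean host: the report flags the installers as tampering with the signature-verification registry keys, so a signature check on a machine that has already run them cannot be trusted.

```powershell
# Added example; not part of the sandbox report. Paths below are assumed.
$ArchivePath = 'C:\Samples\Qualcomm-HS-USB-QDLoader-9008-Driver.zip'
$ExtractDir  = 'C:\Samples\Qualcomm_HS-USB_QDLoader_9008_Driver'

# SHA256 values as listed in the report for the archive and its three members.
$Expected = [ordered]@{
    $ArchivePath                                                     = '13f4930d50147bf979600dce87868815732f6bfebc182c6fd82270f55e6ab04e'
    (Join-Path $ExtractDir 'How to Install.url')                     = 'dd2737012603908e49b601a0d2837b3e50bd188c25af93d8554c37d5c4d2a7e8'
    (Join-Path $ExtractDir 'QDLoader HS-USB Driver_32bit_Setup.exe') = 'a8567a50adfb307cdc979a8627045d33b42c18350e50191f7052241e7bdafc8e'
    (Join-Path $ExtractDir 'QDLoader HS-USB Driver_64bit_Setup.exe') = '08e5e7e5f30801b363f08a6106425faa1c505bd048a18c846a5b3e5959a4998e'
}

function Test-ReportHashes {
    # Hash each file and compare with the report; emit one row per file.
    param([System.Collections.IDictionary]$Expected)
    foreach ($entry in $Expected.GetEnumerator()) {
        if (-not (Test-Path -LiteralPath $entry.Key)) {
            [pscustomobject]@{ File = $entry.Key; Status = 'MISSING'; Actual = $null }
            continue
        }
        $actual = (Get-FileHash -LiteralPath $entry.Key -Algorithm SHA256).Hash.ToLowerInvariant()
        [pscustomobject]@{
            File   = $entry.Key
            Status = if ($actual -eq $entry.Value) { 'MATCH' } else { 'MISMATCH' }
            Actual = $actual
        }
    }
}

function Get-InstallerSignature {
    # Authenticode status and signer of every .exe in the extracted directory.
    param([string]$Dir)
    Get-ChildItem -LiteralPath $Dir -Filter '*.exe' -File | ForEach-Object {
        $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
        [pscustomobject]@{
            File   = $_.Name
            Status = $sig.Status      # Valid, NotSigned, HashMismatch, NotTrusted, ...
            Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
            Thumb  = if ($sig.SignerCertificate) { $sig.SignerCertificate.Thumbprint } else { $null }
        }
    }
}

$results = Test-ReportHashes -Expected $Expected
$results | Format-Table -AutoSize
if ($results.Status -contains 'MISMATCH' -or $results.Status -contains 'MISSING') {
    Write-Warning 'Files do not match the report; do not assume this is the analysed sample.'
}
Get-InstallerSignature -Dir $ExtractDir | Format-Table -AutoSize
```

A MISMATCH on any row means the copy in hand is a different file from the one the report describes, so none of the behaviours listed below can be assumed to apply to it. A Status of NotSigned or HashMismatch on either installer is worth noting alongside the "Manipulates Digital Signatures" finding: an installer that needs to alter how Windows verifies signatures is unlikely to pass that verification itself.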

Malware Config

Targets

    • Target

      Qualcomm_HS-USB_QDLoader_9008_Driver/How to Install.url

    • Size

      249B

    • MD5

      04e75333a01128750fce425490a9bff4

    • SHA1

      83d1155eb377f545e718901545250ef9f97a747c

    • SHA256

      dd2737012603908e49b601a0d2837b3e50bd188c25af93d8554c37d5c4d2a7e8

    • SHA512

      6cbb2bbf88519c75d28efc813e224ec9c29c0d9acedcf0425355ad769919c5f1f288819a410153532f9566510058e07d017ca4595d7e8262901209085fefe034

    • Score

      1/10

    • Target

      Qualcomm_HS-USB_QDLoader_9008_Driver/QDLoader HS-USB Driver_32bit_Setup.exe

    • Size

      8.1MB

    • MD5

      6099dff4878f020abb85a520235941d5

    • SHA1

      aa9956c9756a42abb2e35b6bbbb7cafe4efaa74c

    • SHA256

      a8567a50adfb307cdc979a8627045d33b42c18350e50191f7052241e7bdafc8e

    • SHA512

      e2e2956eb9fc181a439f93f3ee7b2c63a665903a571a1687ad40cd731d3167f3b12e4937a4a3a1267cd1d51f2b6c0ab377fc48a0f519ee30d0db18a4f764b697

    • SSDEEP

      196608:E+tPHwBW3gYrtIXgWfJqOFdv5Wr/lDuvsivd7uA0yPi9x0rgG9Vba8cTfqVVoV94:E8HqXBf4JZKka7WyiCWLq0Ne

    • Modifies boot configuration data using bcdedit

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can alter the Authenticode and Cryptography registry keys so that an unsigned or tampered binary is reported as validly signed.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • Target

      Qualcomm_HS-USB_QDLoader_9008_Driver/QDLoader HS-USB Driver_64bit_Setup.exe

    • Size

      13.0MB

    • MD5

      906c4effd6a20be22ea026a43a3cb7b3

    • SHA1

      89df6ca0d893d9355741d8ca11cdebea1fbbb095

    • SHA256

      08e5e7e5f30801b363f08a6106425faa1c505bd048a18c846a5b3e5959a4998e

    • SHA512

      fa866adaa965c98e809a3efc57550c5c9464668f619922e9b769550fc58623b3815cfbbf1473877e551a7f0d9a6634a7b02157eb2b8e1156ca2c892c32063c2e

    • SSDEEP

      393216:TjnUwmatWZ+mgSbBXxKqLupZr6KbkeJO2:TjnJmapSDsu7eN

    • Modifies boot configuration data using bcdedit

    • Manipulates Digital Signatures

      Attackers can alter the Authenticode and Cryptography registry keys so that an unsigned or tampered binary is reported as validly signed.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
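The three findings that matter most for both installers are the bcdedit change, the signature-verification registry change, and the files dropped into the Drivers and System32 directories. The script below is an added example for this page, not part of the report, showing how to audit a host after one of the installers has run: it reads the boot-configuration switches that weaken driver-signature enforcement, walks the SIP and trust-provider registrations that WinVerifyTrust consults and flags any handler DLL that is missing or not validly signed by Microsoft, and lists driver files created after a given time. The registry paths are the standard Windows locations for those registrations; the report itself does not say which values the installer changed, so the script checks all of them. It needs an elevated shell for bcdedit.

```powershell
# Added example; not part of the sandbox report. Run from an elevated shell.

function Get-BcdIntegrityFlags {
    # bcdedit prints "name   value" per line; both switches below are absent
    # from the output unless they have been set.
    $out = & bcdedit.exe /enum '{current}' 2>$null
    $flags = [ordered]@{ testsigning = 'not set'; nointegritychecks = 'not set' }
    foreach ($line in $out) {
        if ($line -match '^\s*(testsigning|nointegritychecks)\s+(\S+)') {
            $flags[$Matches[1].ToLowerInvariant()] = $Matches[2]
        }
    }
    [pscustomobject]$flags
}

function Get-TrustHandlerAudit {
    # Subject-interface-package (SIP) and trust-provider registrations. Each
    # subkey names a DLL; pointing one at attacker code is a known way to make
    # WinVerifyTrust report unsigned binaries as valid.
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData',
        'HKLM:\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData',
        'HKLM:\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy'
    )
    foreach ($root in $roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        foreach ($key in Get-ChildItem -LiteralPath $root) {
            $props = Get-ItemProperty -LiteralPath $key.PSPath
            # SIP keys store the handler in "Dll"; trust-provider keys use "$DLL".
            $dll = if ($props.PSObject.Properties['Dll']) { $props.Dll } else { $props.'$DLL' }
            if (-not $dll) { continue }
            $path = [Environment]::ExpandEnvironmentVariables($dll)
            if (-not [IO.Path]::IsPathRooted($path)) {
                $path = Join-Path $env:SystemRoot "System32\$path"
            }
            $sig    = if (Test-Path -LiteralPath $path) { Get-AuthenticodeSignature -LiteralPath $path } else { $null }
            $signer = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
            [pscustomobject]@{
                Root       = Split-Path $root -Leaf
                Key        = $key.PSChildName
                Dll        = $path
                SigStatus  = if ($sig) { $sig.Status } else { 'FILE MISSING' }
                Suspicious = (-not $sig) -or ($sig.Status -ne 'Valid') -or ($signer -notmatch 'Microsoft')
            }
        }
    }
}

function Get-RecentDriverFiles {
    # Files created in System32\drivers since $Since, with their signature status.
    param([datetime]$Since)
    $dir = Join-Path $env:SystemRoot 'System32\drivers'
    Get-ChildItem -LiteralPath $dir -File | Where-Object { $_.CreationTime -ge $Since } | ForEach-Object {
        $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
        [pscustomobject]@{ File = $_.Name; Created = $_.CreationTime; SigStatus = $sig.Status }
    }
}

Get-BcdIntegrityFlags
Get-TrustHandlerAudit | Where-Object Suspicious | Format-Table -AutoSize
Get-RecentDriverFiles -Since (Get-Date).AddHours(-1) | Format-Table -AutoSize
```

Two caveats. Get-AuthenticodeSignature itself goes through WinVerifyTrust, so on a host where a SIP or trust-provider handler has already been replaced its verdict on other files is no longer reliable; compare the Dll values it prints against a known-clean host of the same Windows build rather than trusting the SigStatus column alone. Second, third-party kernel drivers are often signed through a catalog rather than an embedded signature, so a driver listed as NotSigned here is not proof of tampering; confirm with the driver's catalog entry (for example via Win32_PnPSignedDriver) before drawing a conclusion.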

MITRE ATT&CK Enterprise v15

Tasks