Overview

overview

8

Static

static

3

qq_pinyin_4.4_Dsn.exe

windows7-x64

7

qq_pinyin_4.4_Dsn.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$TEMP/TXSS...er.dll

windows7-x64

3

$TEMP/TXSS...er.dll

windows10-2004-x64

3

$TEMP/TXSS...UI.exe

windows7-x64

3

$TEMP/TXSS...UI.exe

windows10-2004-x64

3

$TEMP/TXSS...on.dll

windows7-x64

3

$TEMP/TXSS...on.dll

windows10-2004-x64

3

$TEMP/TXSS...ol.dll

windows7-x64

3

$TEMP/TXSS...ol.dll

windows10-2004-x64

3

$TEMP/TXSS...rm.dll

windows7-x64

3

$TEMP/TXSS...rm.dll

windows10-2004-x64

3

4.4.1105.4...ct.exe

windows7-x64

3

4.4.1105.4...ct.exe

windows10-2004-x64

3

4.4.1105.4...in.exe

windows7-x64

3

4.4.1105.4...in.exe

windows10-2004-x64

3

4.4.1105.4...il.dll

windows7-x64

3

4.4.1105.4...il.dll

windows10-2004-x64

3

4.4.1105.4...il.exe

windows7-x64

8

4.4.1105.4...il.exe

windows10-2004-x64

3

4.4.1105.4...64.dll

windows7-x64

1

4.4.1105.4...64.dll

windows10-2004-x64

1

4.4.1105.4...ud.exe

windows7-x64

3

4.4.1105.4...ud.exe

windows10-2004-x64

3

4.4.1105.4...ig.exe

windows7-x64

3

4.4.1105.4...ig.exe

windows10-2004-x64

3

4.4.1105.4...ce.exe

windows7-x64

3

4.4.1105.4...ce.exe

windows10-2004-x64

3

4.4.1105.4...ut.exe

windows7-x64

3

4.4.1105.4...ut.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-11-2024 23:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    qq_pinyin_4.4_Dsn.exe

  • Size

    19.1MB

  • MD5

    7e83a7da7d93a75887e6cc8b3c123364

  • SHA1

    7d53c0ac037aaf9e22bb35b7145395bb70b44048

  • SHA256

    147587b99acf08db4860477df77e616ebaab9d787befba40f006de1f6e2fa8c1

  • SHA512

    62e11091f2fbd0ea2e4df3cbaba403f5f6e98f352dddbd23c2c48a703e448da23aa1195cfaa29819f878a49bf639c3b596ff61374921c5c76ad6922c2fb50acf

  • SSDEEP

    393216:SjyiTyX6JKqpmiIQk/hJ5wngRINfzllQuBSgdr54R99sIoZF/O:ey8KGpbkpjwng0k6t4LdoZFW

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\qq_pinyin_4.4_Dsn.exe
    "C:\Users\Admin\AppData\Local\Temp\qq_pinyin_4.4_Dsn.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:5088

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsyB4FA.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    0dc0cc7a6d9db685bf05a7e5f3ea4781

    SHA1

    5d8b6268eeec9d8d904bc9d988a4b588b392213f

    SHA256

    8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

    SHA512

    814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsyB4FA.tmp\ioSpecial.ini
    Filesize

    607B

    MD5

    0deecd89f0ed1b49a7f8d2400abbd301

    SHA1

    1d1daf4cac097ce0aa41cbe8b097ccd98951604b

    SHA256

    68a2ed80e259b3f1ad298ec921d6f5cdadbad9c845855037e5f5cc23234aba7b

    SHA512

    b29497573ea32f87d7ee00b440393b1cce0ae37af065c7666b5f3242459dee6de924dd5f52770c0a7855abc2afdf17f64a590de4e3293f461e02071e7b19d502

    Download Submit