Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

24a0e43470...e2.exe

windows7-x64

10

24a0e43470...e2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    24a0e43470944c95b23b7b7f2e26cb973066c7a964056fb63e220e737c6dc4e2

  • Size

    1.6MB

  • Sample

    250314-1sd93azwcs

  • MD5

    8a935b4c1e4a18e4ee154952516ad2a9

  • SHA1

    e98790359ab5beefd5a9b8488d31879abedce378

  • SHA256

    24a0e43470944c95b23b7b7f2e26cb973066c7a964056fb63e220e737c6dc4e2

  • SHA512

    cdec7bc0012611d0ed2cc731bb725580781be226d91e539339c1c401e3e9eceb65b12202a9b52f09443638def603a1ffe8dde37313f7bc698b8895cd8f25ded9

  • SSDEEP

    768:5BBdFYDgao5/AUrLEEzayTpBJfxBDlxcFNXK8D1Foj/:5pcC/eAayJ3Rx0g

Score
10/10
qqpassdiscoverypersistencetrojan

Malware Config

Extracted

Family

qqpass

C2

http://www.zigui.org/article.php?id=103601

Attributes
  • user_agent

    Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Targets

    • Target

      24a0e43470944c95b23b7b7f2e26cb973066c7a964056fb63e220e737c6dc4e2

    • Size

      1.6MB

    • MD5

      8a935b4c1e4a18e4ee154952516ad2a9

    • SHA1

      e98790359ab5beefd5a9b8488d31879abedce378

    • SHA256

      24a0e43470944c95b23b7b7f2e26cb973066c7a964056fb63e220e737c6dc4e2

    • SHA512

      cdec7bc0012611d0ed2cc731bb725580781be226d91e539339c1c401e3e9eceb65b12202a9b52f09443638def603a1ffe8dde37313f7bc698b8895cd8f25ded9

    • SSDEEP

      768:5BBdFYDgao5/AUrLEEzayTpBJfxBDlxcFNXK8D1Foj/:5pcC/eAayJ3Rx0g

    Score
    10/10
    qqpassdiscoverypersistencetrojan

    • QQpass

      QQpass is a trojan written in C++..

      trojanqqpass

    • Qqpass family

      qqpass

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks