Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

8ce35956c1...a0.exe

windows7-x64

10

8ce35956c1...a0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ce35956c1cdaa3c4a7e4d2b28b5bb870e62b0c06389d78a52bc98bb2dd249a0

  • Size

    80KB

  • Sample

    250316-jnk4daynx4

  • MD5

    40d2893bcbfe5499545506adb6f94747

  • SHA1

    01bc59b477f4112c634a93666483ab49129ca6a3

  • SHA256

    8ce35956c1cdaa3c4a7e4d2b28b5bb870e62b0c06389d78a52bc98bb2dd249a0

  • SHA512

    e3a0cff08e19fdab016d104e49984abdc547f3d65246ae88b6fadc0286402d9ab4d99ffbc64969b5b8f91e10921d877c45e3dbd98dd100cda429845d3205d42f

  • SSDEEP

    1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOO/7rS:GhfxHNIreQm+HiD/7rS

Score
10/10
qqpassdiscoverypersistencetrojan

Malware Config

Extracted

Family

qqpass

C2

http://www.zigui.org/article.php?id=103822

Attributes
  • url

    http://www.mxm9191.com/myrunner_up.exe

  • user_agent

    Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Targets

    • Target

      8ce35956c1cdaa3c4a7e4d2b28b5bb870e62b0c06389d78a52bc98bb2dd249a0

    • Size

      80KB

    • MD5

      40d2893bcbfe5499545506adb6f94747

    • SHA1

      01bc59b477f4112c634a93666483ab49129ca6a3

    • SHA256

      8ce35956c1cdaa3c4a7e4d2b28b5bb870e62b0c06389d78a52bc98bb2dd249a0

    • SHA512

      e3a0cff08e19fdab016d104e49984abdc547f3d65246ae88b6fadc0286402d9ab4d99ffbc64969b5b8f91e10921d877c45e3dbd98dd100cda429845d3205d42f

    • SSDEEP

      1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOO/7rS:GhfxHNIreQm+HiD/7rS

    Score
    10/10
    qqpassdiscoverypersistencetrojan

    • QQpass

      QQpass is a trojan written in C++..

      trojanqqpass

    • Qqpass family

      qqpass

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks