General
Target: qttabbar-v1.5.0.0b2.msi
Size: 840KB
Sample: 240630-sr38sszdke
MD5: eb955a2d87dce195b5899c1d40a30af6
SHA1: c85d6f4476b2d01b5457bddc67a037bdf47e8709
SHA256: e0dacd6acb15428d2ee6f068bf2e8979013071fd2ee3ccf4a88f687a06f0b908
SHA512: 146ffdafd4f85808503867ca3687c777ac9267f67aa2b1bb169be3b125f9c012c3ab550bfc80fd3684ef912a6fc32ac5fb67f86d2d7cd3ff8f3e78e4b4cfc533
SSDEEP: 12288:3P7sn3MdpZ+7VUqI3t4P3/WOe/dSP/B6iX4r8MtDVGEq+5B/FgRd:/7sn3K+7VU/9a/5bor8MjqUXgX
Static task: static1
Behavioral task: behavioral1
Sample: qttabbar-v1.5.0.0b2.msi
Resource: win11-20240508-en
Malware Config
Targets
Target: qttabbar-v1.5.0.0b2.msi
Score: 6/10

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Browser Extensions: 1
Event Triggered Execution: 2
Component Object Model Hijacking: 1
Installer Packages: 1
Privilege Escalation
Event Triggered Execution: 2
Component Object Model Hijacking: 1
Installer Packages: 1