MQsTTang - Chinese Hackers Using Custom Malware To Evade AV Detection
Common Information
Type Value
UUID 83469e8c-686e-4613-8382-d0c1c4a67094
Fingerprint 65259bb9b2bacd93
Analysis status DONE
Considered CTI value 2
Text language
Published March 6, 2023, 4:38 a.m.
Added to db March 6, 2023, 7:22 a.m.
Last updated Nov. 12, 2024, 3:53 p.m.
Headline MQsTTang – Chinese Hackers Using Custom Malware To Evade AV Detection
Detected Hints/Tags/Attributes 42/2/25
Attributes
Details Type #Events CTI Value
Details Domain 2
korplug.th
Details File 4
amb.rar
Details File 4
affairs.exe
Details File 9
documents.rar
Details File 3
japan.exe
Details File 4
germany.exe
Details File 2
boomeranglib.dll
Details File 2
breakpad.dll
Details File 6
coreclr.dll
Details File 5
hpcustpartui.dll
Details File 40
libcef.dll
Details Windows Registry Key 188
HKCU\Software\Microsoft\Windows\CurrentVersion\Run