Extended Key Usages
ExtKeyUsageCodeSigning
Static task: static1
Behavioral task: behavioral1, Sample: 102755.dll, Resource: win7-20220414-en
Behavioral task: behavioral2, Sample: 102755.dll, Resource: win10v2004-20220414-en
Behavioral task: behavioral3, Sample: TXRTN_0699964.lnk, Resource: win7-20220414-en
Behavioral task: behavioral4, Sample: TXRTN_0699964.lnk, Resource: win10v2004-20220414-en
Behavioral task: behavioral5, Sample: WindowsCodecs.dll, Resource: win7-20220414-en
Behavioral task: behavioral6, Sample: WindowsCodecs.dll, Resource: win10v2004-20220414-en
Behavioral task: behavioral7, Sample: calc.exe, Resource: win7-20220414-en
Behavioral task: behavioral8, Sample: calc.exe, Resource: win10v2004-20220414-en
Target
Qbot.zip
Size
667KB
MD5
4a8bda8b0cd4f967ba4ddacd3e870cd9
SHA1
5afa086e1e78ef817d2b5f67490c4d8c7b059cc6
SHA256
50c4b4ecf38e43b92293b1add79f95f61d27f1c39adea28c97d1cf98892e70b2
SHA512
7dd0f0f8374d63bf7183118c1f860e60327bfd84e155560fe6be77af896c335f5a940857ca889b74b3518593022d09778179737a3348ec28940c658ed98ee46e
SSDEEP
12288:WQx/px8kNXZQe4qkgacvnIv7VdCC5jyjjdURWd6Uw+VlM1pgOpSlzE9/i:WQxxBJtNF9IJY2yjjd96Zwl3Eo
ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetCurrentProcess
OutputDebugStringA
GetEnvironmentVariableW
OutputDebugStringW
lstrcatW
CloseHandle
ExitProcess
CreateProcessW
IsWow64Process
MessageBoxA
DllInstall
DllRegisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
SHGetSpecialFolderPathW
SHGetFolderPathW
ShellAboutW
ord165
ShellExecuteExW
ord225
GdipDrawLineI
GdipDrawArcI
GdipFillRectangleI
GdipCloneBrush
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDrawImageRectI
GdipSetInterpolationMode
GdipSetPageUnit
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipDeleteGraphics
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipCloneBitmapAreaI
GdipCreateHBITMAPFromBitmap
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegGetValueW
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
CloseServiceHandle
RegCreateKeyExW
RegCloseKey
EventWrite
EventUnregister
EventRegister
SysAllocString
SysStringLen
VariantInit
SysAllocStringByteLen
SysFreeString
VariantClear
IsThemeActive
CoInitialize
CoUninitialize
CoCreateInstance
ImageList_Destroy
ImageList_Add
ImageList_Create
ord413
CreatePropertySheetPageW
PropertySheetW
ord380
ord410
ord392
WinSqmAddToStreamEx
WinSqmIncrementDWORD
WinSqmAddToStream
NtQueryLicenseValue
RtlInitUnicodeString
lstrlenA
WideCharToMultiByte
GetStartupInfoA
OutputDebugStringA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetModuleHandleW
GetSystemTime
SetEvent
CloseHandle
WaitForSingleObject
CreateThread
CreateEventW
ResetEvent
lstrcmpW
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalSize
MulDiv
GlobalFindAtomW
GetLastError
InterlockedDecrement
MultiByteToWideChar
GetLocalTime
GetLocaleInfoW
GetDateFormatW
InterlockedIncrement
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcmpiW
GetLocaleInfoEx
GetProcAddress
LoadLibraryW
FreeLibrary
DelayLoadFailureHook
InterlockedCompareExchange
LoadLibraryExA
HeapFree
HeapAlloc
GetProcessHeap
GetVersionExW
InterlockedExchange
FreeLibraryAndExitThread
GetFileAttributesW
Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection
IsWow64Process
GetCurrentProcess
GetModuleFileNameW
LocalFree
LocalReAlloc
LocalAlloc
GetProfileStringW
lstrlenW
CompareStringW
ApplicationRecoveryInProgress
Sleep
ApplicationRecoveryFinished
RegisterApplicationRecoveryCallback
RegisterApplicationRestart
CompareFileTime
SystemTimeToFileTime
GetTempFileNameW
FileTimeToSystemTime
DeleteFileW
CreateFileW
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
HeapDestroy
HeapReAlloc
HeapSize
RaiseException
GetSysColor
SetClassLongW
GetClassLongW
DrawMenuBar
SetMenuItemInfoW
AppendMenuW
RemoveMenu
GetSubMenu
GetWindowLongW
InsertMenuItemW
SetWindowLongW
IsWindowEnabled
PostMessageW
CharNextA
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
GetMenuState
IsClipboardFormatAvailable
DefWindowProcW
InvalidateRect
PostQuitMessage
GetFocus
DispatchMessageW
TranslateMessage
GetMessageExtraInfo
TranslateAcceleratorW
GetMessageW
SetForegroundWindow
SetWindowPlacement
RegisterClassExW
DrawTextW
ReleaseDC
GetDC
GetSystemMetrics
EnumChildWindows
SetPropW
GetMenu
CheckRadioButton
UpdateWindow
SendDlgItemMessageW
IsDlgButtonChecked
MoveWindow
GetDlgItemInt
SetDlgItemInt
CheckMenuItem
GetNextDlgTabItem
OffsetRect
GetMonitorInfoW
MonitorFromWindow
CopyRect
IntersectRect
EnumDisplayMonitors
EqualRect
MonitorFromRect
GetClassWord
EnumDesktopWindows
GetProcessDefaultLayout
CreateDialogParamW
TrackPopupMenu
CreatePopupMenu
GetAncestor
FindWindowW
EndDialog
EnableMenuItem
DestroyWindow
MapWindowPoints
GetClassNameW
GetDlgItem
GetWindowRect
SetWindowPos
SendMessageW
LoadCursorW
SetCursor
GetKeyState
IsDialogMessageW
LoadAcceleratorsW
GetWindowTextLengthW
GetWindowTextW
EnableWindow
SetFocus
LoadStringW
SetWindowTextW
GetParent
GetClientRect
ShowWindow
GetWindowPlacement
LoadImageW
UnregisterClassA
FillRect
CheckMenuRadioItem
CreateWindowExW
MessageBeep
SystemParametersInfoW
DialogBoxParamW
UuidCreate
UuidToStringW
RpcStringFreeW
timeGetTime
GetFileVersionInfoExW
GetFileVersionInfoSizeExW
VerQueryValueW
EqualRgn
CreateDIBSection
DeleteObject
DeleteDC
GetTextExtentPointW
CreateFontIndirectW
CreateCompatibleDC
GetDeviceCaps
GetRgnBox
CreateSolidBrush
GetTextMetricsW
GetTextExtentPoint32W
GetObjectW
LineTo
MoveToEx
ExtCreatePen
CreateCompatibleBitmap
CreateRectRgn
CreateRectRgnIndirect
SetRectRgn
CombineRgn
SelectObject
CreatePatternBrush
SetTextColor
SetBkMode
GetStockObject
SetBkColor
wcsncmp
_wcsnicmp
iswdigit
_wcslwr_s
iswalpha
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
localeconv
memchr
strcspn
sprintf_s
_strtoi64
_strtoui64
_wcsdup
_i64tow_s
_wtoi64
wcsrchr
wcstoul
isalpha
time
difftime
memmove
_callnewh
__pctype_func
___lc_codepage_func
___lc_handle_func
_itow_s
___mb_cur_max_func
setlocale
__crtGetStringTypeW
__crtLCMapStringW
__mb_cur_max
tolower
isspace
abort
isalnum
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
__uncaught_exception
_except_handler4_common
_controlfp
_wtoi
_itoa
calloc
wcschr
_wcsicmp
_vsnwprintf
memcpy
wcscat_s
wcstol
wcscpy_s
exit
mbstowcs_s
toupper
isxdigit
isdigit
_ftol2_sse
memset
_ftol2
malloc
_purecall
free
??0exception@@QAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
memmove_s
memcpy_s
__CxxFrameHandler3
_errno
_wcsrev
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ