d72ee9622f7d6bf9070a697bae8a7f611c66b22336edeb93b558da668a031fe6

Sharing

Copy URL

Twitter E-mail

General

Target

d72ee9622f7d6bf9070a697bae8a7f611c66b22336edeb93b558da668a031fe6
Size

529KB
MD5

7c4c849c937bfd94e7a052afd1690440
SHA1

d6f8257063826c3c8ad6f5a00b407ef147827e72
SHA256

d72ee9622f7d6bf9070a697bae8a7f611c66b22336edeb93b558da668a031fe6
SHA512

ecec688f42c4a72b8509f34a7e38ee6f41407af021d405a29217ca89170241ae5c7b66b20e3674dc69b894c8f7eb5bca4c5ddc6ca61048feb4e56c00c6810dce
SSDEEP

12288:069bh7sVJDD3E6EIuH7ElI0w52ZJ4UJPJJxobhyjS:069bh7sLEIuHyzf

Score

N/A

Malware Config

Signatures

Files

d72ee9622f7d6bf9070a697bae8a7f611c66b22336edeb93b558da668a031fe6
.exe windows x86

53951c01a3d88e25bf6898e071dc99a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

core

_ZN11CommonUtils11GetSettingsE7QStringS0_
_ZN11CommonUtils12resetRestartEv
_ZN11CommonUtils14ThreadCountDecE7QStringS0_
_ZN11CommonUtils14ThreadCountIncE7QStringS0_
_ZN11CommonUtils15WaitThreadsStopEv
_ZN11CommonUtils17ResetShutDownFlagEv
_ZN11CommonUtils20GetPluginLibraryPathEv
_ZN11CommonUtils9IsRestartEv
_ZN7StartupC1Eb
_ZN7StartupD1Ev

sdk

UTPS_GetLogDirectory
UTPS_Shutdown
UTPS_Startup
_Z13UTPS_SDK_INITv
_Z15UTPS_SDK_UNINITv

kernel32

CloseHandle
CreateMutexA
CreateSemaphoreA
ExitProcess
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject

mingwm10

__mingwthr_key_dtor

msvcrt

_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
fclose
fflush
fopen
fprintf
fputc
fputs
free
fwrite
malloc
realloc
signal
sprintf
strcmp
strcpy

user32

GetDesktopWindow
GetPropA
GetWindow
IsWindow
SendMessageW

libgcc_s_dw2-1

_Unwind_DeleteException
_Unwind_GetDataRelBase
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__deregister_frame_info
__emutls_get_address
__register_frame_info

qtcore4

_Z15qAddPostRoutinePFvvE
_Z18qInstallMsgHandlerPFv9QtMsgTypePKcE
_Z5qFreePv
_Z6qDebugPKcz
_Z7qMemSetPvij
_Z8qWinMainP11HINSTANCE__S0_PciRiR7QVectorIS1_E
_Z9qBadAllocv
_Z9qCriticalPKcz
_ZN10QByteArray7reallocEi
_ZN11QVectorData10reallocateEPS_iii
_ZN11QVectorData4freeEPS_i
_ZN11QVectorData8allocateEii
_ZN16QCoreApplication14addLibraryPathERK7QString
_ZN16QCoreApplication18setApplicationNameERK7QString
_ZN16QCoreApplication19applicationFilePathEv
_ZN16QCoreApplication19setOrganizationNameERK7QString
_ZN16QCoreApplication21setOrganizationDomainERK7QString
_ZN16QCoreApplication9argumentsEv
_ZN4QDir10setCurrentERK7QString
_ZN5QTime11currentTimeEv
_ZN5QTime5startEv
_ZN6QMutex4lockEv
_ZN6QMutex6unlockEv
_ZN6QMutexC1ENS_13RecursionModeE
_ZN6QMutexD1Ev
_ZN7QString11shared_nullE
_ZN7QString14fromWCharArrayEPKwi
_ZN7QString16codecForCStringsE
_ZN7QString16fromAscii_helperEPKci
_ZN7QString4freeEPNS_4DataE
_ZN7QString6appendERKS_
_ZN7QString9fromAsciiEPKci
_ZN7QString9fromUtf16EPKti
_ZN7QStringaSERKS_
_ZNK5QTime7elapsedEv
_ZNK5QTime8toStringERK7QString
_ZNK7QString11lastIndexOfERKS_iN2Qt15CaseSensitivityE
_ZNK7QString11toLocal8BitEv
_ZNK7QString5rightEi
_ZNK7QString5toIntEPbi
_ZNK7QString5utf16Ev
_ZNK7QString7toAsciiEv
_ZNK7QStringeqERK13QLatin1String
_ZNK7QStringeqERKS_

qtgui4

_ZN12QApplication13setWindowIconERK5QIcon
_ZN12QApplication4execEv
_ZN12QApplicationC1ERiPPci
_ZN5QIconC1ERK7QString
_ZN5QIconD1Ev

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 168B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 457KB - Virtual size: 458KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

exmtblf
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

53951c01a3d88e25bf6898e071dc99a7

Headers

File Characteristics

Imports

core

sdk

kernel32

mingwm10

msvcrt

user32

libgcc_s_dw2-1

qtcore4

qtgui4

Sections

.text Size: 37KB - Virtual size: 36KB

.data Size: 26KB - Virtual size: 25KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 168B

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 457KB - Virtual size: 458KB

exmtblf Size: - Virtual size: 4KB

.text
Size: 37KB - Virtual size: 36KB

.data
Size: 26KB - Virtual size: 25KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 168B

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 457KB - Virtual size: 458KB

exmtblf
Size: - Virtual size: 4KB