495f1ffb2f96c12fbeb167eeec44ef02c58be9a616f54aef8f827b94be347226

Sharing

Copy URL

Twitter E-mail

General

Target

495f1ffb2f96c12fbeb167eeec44ef02c58be9a616f54aef8f827b94be347226
Size

95KB
MD5

eb6470f3b1506e72887b3a173bcd937d
SHA1

30834e3c5e4549d0ff2fde690057ea8288091444
SHA256

495f1ffb2f96c12fbeb167eeec44ef02c58be9a616f54aef8f827b94be347226
SHA512

9b867e24132a617c302d62174ee90d7c31397d81cdb0983090024cae042e3bdaf2cc46016b8930cefbc271383711de5afab5069a9a2394da41b291293b493085
SSDEEP

768:7kyZhJ2re31rsZlgewb9HlaeZmWU4MCm2KIfDZXs:52y3JsZABlFm4MCRRbZ8

Score

N/A

Malware Config

Signatures

Files

495f1ffb2f96c12fbeb167eeec44ef02c58be9a616f54aef8f827b94be347226
.exe windows x64

80f974a6b5a6bcbe3de24a9aa51b8527

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

qt5core

??4QString@@QEAAAEAV0@AEBVQByteArray@@@Z
??0QString@@QEAA@AEBVQByteArray@@@Z
?fromUtf8@QString@@SA?AV1@PEBDH@Z
?toLocal8Bit@QString@@QEHAA?AVQByteArray@@XZ
?toLocal8Bit@QString@@QEGBA?AVQByteArray@@XZ
??YQString@@QEAAAEAV0@AEBV0@@Z
??YQString@@QEAAAEAV0@VQChar@@@Z
??4QString@@QEAAAEAV0@$$QEAV0@@Z
??YQByteArray@@QEAAAEAV0@AEBV0@@Z
??0QByteArray@@QEAA@AEBV0@@Z
??1QByteArray@@QEAA@XZ
?registerResource@QResource@@SA_NPEBEAEBVQString@@@Z
?number@QByteArray@@SA?AV1@_JH@Z
?clear@QByteArray@@QEAAXXZ
?writableLocation@QStandardPaths@@SA?AVQString@@W4StandardLocation@1@@Z
?setFileName@QFile@@QEAAXAEBVQString@@@Z
?isDigit@QCharRef@@QEBA_NXZ
?utf16@QString@@QEBAPEBGXZ
?readAll@QIODevice@@QEAA?AVQByteArray@@XZ
?tempPath@QDir@@SA?AVQString@@XZ
?hash@QCryptographicHash@@SA?AVQByteArray@@AEBV2@W4Algorithm@1@@Z
?applicationDirPath@QCoreApplication@@SA?AVQString@@XZ
?arguments@QCoreApplication@@SA?AVQStringList@@XZ
??1QCoreApplication@@UEAA@XZ
??0QCoreApplication@@QEAA@AEAHPEAPEADH@Z
?dispose@QListData@@SAXPEAUData@1@@Z
??0QString@@QEAA@PEBD@Z
?constData@QByteArray@@QEBAPEBDXZ
?data@QByteArray@@QEAAPEADXZ
??0QByteArray@@QEAA@XZ
??4QByteArray@@QEAAAEAV0@$$QEAV0@@Z
?qt_metacall@QObject@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QObject@@UEAAPEAXPEBD@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?staticMetaObject@QObject@@2UQMetaObject@@B
??0QString@@QEAA@XZ
??1QString@@QEAA@XZ
?front@QString@@QEAA?AVQCharRef@@XZ
?write@QIODevice@@QEAA_JAEBVQByteArray@@@Z
??0QCryptographicHash@@QEAA@W4Algorithm@0@@Z
??1QCryptographicHash@@QEAA@XZ
?addData@QCryptographicHash@@QEAA_NPEAVQIODevice@@@Z
?result@QCryptographicHash@@QEBA?AVQByteArray@@XZ
??8@YA_NAEBVQString@@0@Z
?toNativeSeparators@QDir@@SA?AVQString@@AEBV2@@Z
?separator@QDir@@SA?AVQChar@@XZ
?read@QIODevice@@QEAA?AVQByteArray@@_J@Z
??0QString@@QEAA@AEBV0@@Z
?write@QIODevice@@QEAA_JPEBD@Z
?close@QFileDevice@@UEAAXXZ
??4QString@@QEAAAEAV0@AEBV0@@Z
?right@QString@@QEBA?AV1@H@Z
?number@QString@@SA?AV1@_JH@Z
?machineUniqueId@QSysInfo@@SA?AVQByteArray@@XZ
??0QFile@@QEAA@AEBVQString@@@Z
??1QFile@@UEAA@XZ
?open@QFile@@UEAA_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?toHex@QByteArray@@QEBA?AV1@XZ
??0QObject@@QEAA@PEAV0@@Z
??1QObject@@UEAA@XZ
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?hash@QMessageAuthenticationCode@@SA?AVQByteArray@@AEBV2@0W4Algorithm@QCryptographicHash@@@Z
??0QFile@@QEAA@XZ

kernel32

GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
GetModuleHandleW
GetCommandLineW
GetCurrentProcessId
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
WideCharToMultiByte
RtlCaptureContext
IsDebuggerPresent
LoadLibraryA
CreateProcessW
LocalFree
GetProcAddress
CloseHandle
RtlVirtualUnwind
Sleep
WaitForSingleObject
WriteFile
GetCurrentProcess
RtlLookupFunctionEntry
UnhandledExceptionFilter

advapi32

OpenProcessToken

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__C_specific_handler
__current_exception_context
__std_terminate
__current_exception

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-runtime-l1-1-0

_exit
_cexit
exit
_get_narrow_winmain_command_line
_initialize_narrow_environment
_configure_narrow_argv
_initterm_e
_set_app_type
_seh_filter_exe
_c_exit
_register_thread_local_exe_atexit_callback
_initterm
_crt_atexit
_register_onexit_function
_initialize_onexit_table
terminate

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_callnewh
_set_new_mode
malloc
free

shell32

CommandLineToArgvW

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80f974a6b5a6bcbe3de24a9aa51b8527

Headers

DLL Characteristics

File Characteristics

Imports

userenv

qt5core

kernel32

advapi32

vcruntime140_1

vcruntime140

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

shell32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 768B

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 512B - Virtual size: 120B

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 768B

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 512B - Virtual size: 120B