df8d6b5d2175d81d8adc03cc13da03ffb1042637ea5615c99004457255184fdc

Sharing

Copy URL

Twitter E-mail

General

Target

df8d6b5d2175d81d8adc03cc13da03ffb1042637ea5615c99004457255184fdc
Size

393KB
MD5

63e20ac84e637c6c3d030d45deac280b
SHA1

b02f875f03f66af5ded241a913b1853e38ce3471
SHA256

df8d6b5d2175d81d8adc03cc13da03ffb1042637ea5615c99004457255184fdc
SHA512

264d2e100ac037d353be62dd35333de4e1da3312e022ebeaad617b914a8b055c4d1b639ff14bccab97a068a66bcd6280931ad34e473b068dc04522746902b311
SSDEEP

12288:GmDB5+bDXiz6zoxnin24iwEH4SVGfr+Rp3taEpeJGnlcDhO9pgZG0BJKvyL8z:Izoxnin24iD0EpeycDhO98hYz

Score

N/A

Malware Config

Signatures

Files

df8d6b5d2175d81d8adc03cc13da03ffb1042637ea5615c99004457255184fdc
.exe windows x86

9bf73b5f49ddc023a7009bcfc5c1324a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindAtomA
GetAtomNameA
GetCommandLineA
GetLastError
GetModuleHandleW
GetStartupInfoW
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

mingwm10

__mingwthr_key_dtor

msvcrt

_fdopen
_read
_strdup
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_ctype
_errno
_filelengthi64
_fstati64
_iob
_lseeki64
_onexit
_setmode
abort
atexit
fclose
fflush
fgetpos
fopen
fputc
fread
free
fsetpos
fwrite
getc
getenv
localeconv
malloc
memchr
memcpy
memmove
memset
putc
setlocale
setvbuf
signal
strcmp
strcoll
strcpy
strftime
strlen
strtod
strxfrm
ungetc
vfprintf
wcslen

qt-mt338

_Z4endlR11QTextStream
_Z5flushR11QTextStream
_Z8qWarningPKcz
_Z8qWinMainP11HINSTANCE__S0_PciRiR9QMemArrayIS1_E
_ZN11QDomElement12setAttributeERK7QStringS2_
_ZN11QDomElementD1Ev
_ZN11QMessageBox11informationEP7QWidgetRK7QStringS4_S4_S4_S4_ii
_ZN11QStringData10deleteSelfEv
_ZN11QTextStreamC1EP9QIODevice
_ZN11QTextStreamD1Ev
_ZN11QTextStreamlsEPKc
_ZN11QTextStreamlsERK7QString
_ZN12QApplicationC1ERiPPc
_ZN12QApplicationD1Ev
_ZN12QDomDocument10setContentEP9QIODeviceP7QStringPiS4_
_ZN12QDomDocument13createElementERK7QString
_ZN12QDomDocumentC1Ev
_ZN12QDomNodeListD1Ev
_ZN12QSqlDatabase11addDatabaseERK7QStringS2_
_ZN12QSqlDatabase11transactionEv
_ZN12QSqlDatabase17defaultConnectionE
_ZN12QSqlDatabase4openEv
_ZN12QSqlDatabase6commitEv
_ZN12QSqlDatabase8rollbackEv
_ZN13QListViewItemC1EP9QListView7QStringS2_S2_S2_S2_S2_S2_S2_
_ZN13QListViewItemC1EPS_7QStringS1_S1_S1_S1_S1_S1_S1_
_ZN13QSqlFieldInfoC1ERK7QStringN8QVariant4TypeEiiiRKS3_ibbb
_ZN13QSqlFieldInfoC1ERKS_
_ZN13QSqlFieldInfoD1Ev
_ZN14QGListIterator6toLastEv
_ZN14QGListIterator7toFirstEv
_ZN14QGListIteratorC2ERK6QGList
_ZN14QGListIteratorD2Ev
_ZN14QGListIteratoraSERKS_
_ZN14QGListIteratorclEv
_ZN14QGListIteratormIEj
_ZN14QGListIteratormmEv
_ZN14QGListIteratorpLEj
_ZN14QGListIteratorppEv
_ZN14QPtrCollection7newItemEPv
_ZN15QMapPrivateBase18removeAndRebalanceEP12QMapNodeBaseRS1_S2_S2_
_ZN15QMapPrivateBase9rebalanceEP12QMapNodeBaseRS1_
_ZN16QDomNamedNodeMapD1Ev
_ZN4QDir13setNameFilterERK7QString
_ZN4QDir7setPathERK7QString
_ZN4QDirC1Ev
_ZN4QDirD1Ev
_ZN5QFile10writeBlockEPKcm
_ZN5QFile4openEi
_ZN5QFile5closeEv
_ZN5QFile5flushEv
_ZN5QFile8readLineEPcm
_ZN5QFileC1ERK7QString
_ZN5QFileD1Ev
_ZN6QGList10removeNodeEP6QLNode
_ZN6QGList12compareItemsEPvS0_
_ZN6QGList4findEPvb
_ZN6QGList4lastEv
_ZN6QGList4nextEv
_ZN6QGList4prevEv
_ZN6QGList4readER11QDataStreamRPv
_ZN6QGList4sortEv
_ZN6QGList4takeEv
_ZN6QGList5clearEv
_ZN6QGList5eraseEP6QLNode
_ZN6QGList5firstEv
_ZN6QGList6appendEPv
_ZN6QGList6inSortEPv
_ZN6QGList6locateEj
_ZN6QGList6removeEPv
_ZN6QGList6takeAtEj
_ZN6QGList7findRefEPvb
_ZN6QGList8insertAtEjPv
_ZN6QGList8removeAtEj
_ZN6QGList8takeNodeEP6QLNode
_ZN6QGList9removeRefEPv
_ZN6QGList9replaceAtEjPv
_ZN6QGListC2ERKS_
_ZN6QGListC2Ev
_ZN6QGListD2Ev
_ZN6QGListaSERKS_
_ZN6QMutex4lockEv
_ZN6QMutex6unlockEv
_ZN6QMutexC1Eb
_ZN6QMutexD1Ev
_ZN7QGArray10deleteDataEPNS_10array_dataE
_ZN7QGArray10setRawDataEPKcj
_ZN7QGArray12resetRawDataEPKcj
_ZN7QGArray4fillEPKcij
_ZN7QGArray4sortEj
_ZN7QGArray6assignEPKcj
_ZN7QGArray6assignERKS_
_ZN7QGArray6resizeEj
_ZN7QGArray6resizeEjNS_12OptimizationE
_ZN7QGArray7newDataEv
_ZN7QGArray9duplicateEPKcj
_ZN7QGArray9duplicateERKS_
_ZN7QGArray9msg_indexEj
_ZN7QGArrayC2ERKS_
_ZN7QGArrayC2Ei
_ZN7QGArrayC2Eii
_ZN7QGArrayC2Ev
_ZN7QGArrayD2Ev
_ZN7QObject2trEPKcS1_
_ZN7QString11shared_nullE
_ZN7QString14makeSharedNullEv
_ZN7QString4nullE
_ZN7QString6removeEPKc
_ZN7QString6removeEjj
_ZN7QString7replaceE5QCharS0_
_ZN7QString8fromUtf8EPKci
_ZN7QString9fromAsciiEPKci
_ZN7QStringC1E5QChar
_ZN7QStringC1EPKc
_ZN7QStringC1ERKS_
_ZN7QStringaSEPKc
_ZN7QStringaSERKS_
_ZN7QStringpLEPKc
_ZN7QStringpLERKS_
_ZN7QThread4waitEm
_ZN7QThread5startEv
_ZN7QThread6msleepEm
_ZN7QThreadC2Ev
_ZN7QThreadD2Ev
_ZN8QDomAttrD1Ev
_ZN8QDomNode11appendChildERKS_
_ZN8QDomNode6toAttrEv
_ZN8QDomNode9toElementEv
_ZN8QDomNodeC1ERKS_
_ZN8QDomNodeD1Ev
_ZN8QVariantC1EPKc
_ZN8QVariantC1Ed
_ZN8QVariantC1Ei
_ZN8QVariantC1Ev
_ZN8QVariantD1Ev
_ZN9QDateTime15currentDateTimeEv
_ZN9QListViewC1EP7QWidgetPKcj
_ZN9QSqlErrorD1Ev
_ZN9QSqlQuery4nextEv
_ZN9QSqlQueryC1ERK7QStringP12QSqlDatabase
_ZN9QSqlQueryD1Ev
_ZNK10QSqlCursor4nameEv
_ZNK11QDomElement10attributesEv
_ZNK11QDomElement7tagNameEv
_ZNK12QDomDocument15documentElementEv
_ZNK12QDomNodeList4itemEi
_ZNK12QDomNodeList6lengthEv
_ZNK12QSqlDatabase9lastErrorEv
_ZNK13QListViewItem10firstChildEv
_ZNK13QSqlFieldInfoeqERKS_
_ZNK16QDomNamedNodeMap4itemEi
_ZNK16QDomNamedNodeMap6lengthEv
_ZNK4QDir9entryListEii
_ZNK5QFile5atEndEv
_ZNK6QGList11containsRefEPv
_ZNK6QGList5writeER11QDataStreamPv
_ZNK6QGList8containsEPv
_ZNK6QGList8toVectorEP8QGVector
_ZNK6QGListeqERKS_
_ZNK7QGArray4findEPKcjj
_ZNK7QGArray7bsearchEPKcj
_ZNK7QGArray7isEqualERKS_
_ZNK7QGArray8containsEPKcj
_ZNK7QString11leftJustifyEj5QCharb
_ZNK7QString15stripWhiteSpaceEv
_ZNK7QString3argExii
_ZNK7QString3midEjj
_ZNK7QString4findE5QCharib
_ZNK7QString4leftEj
_ZNK7QString5asciiEv
_ZNK7QString5lowerEv
_ZNK7QString5toIntEPbi
_ZNK7QString5upperEv
_ZNK7QString6latin1Ev
_ZNK7QString7sectionERKS_iii
_ZNK8QDomAttr4nameEv
_ZNK8QDomAttr5valueEv
_ZNK8QDomNode10attributesEv
_ZNK8QDomNode10childNodesEv
_ZNK8QDomNode10firstChildEv
_ZNK8QDomNode9isElementEv
_ZNK8QVariant5toIntEPb
_ZNK8QVariant6toUIntEPb
_ZNK8QVariant8toStringEv
_ZNK9QDateTime8toStringERK7QString
_ZNK9QListView10firstChildEv
_ZNK9QSqlError10driverTextEv
_ZNK9QSqlError12databaseTextEv
_ZNK9QSqlError4typeEv
_ZNK9QSqlQuery15numRowsAffectedEv
_ZNK9QSqlQuery5valueEi
_ZNK9QSqlQuery9lastErrorEv
_ZNK9QSqlQuery9lastQueryEv
_ZeqRK5QRectS1_
_ZeqRK7QStringPKc
_ZeqRK7QStringS1_
_ZltRK7QStringS1_
_ZneRK7QStringPKc

Sections

.text
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9bf73b5f49ddc023a7009bcfc5c1324a

Headers

File Characteristics

Imports

kernel32

mingwm10

msvcrt

qt-mt338

Sections

.text Size: 367KB - Virtual size: 367KB

.data Size: 14KB - Virtual size: 13KB

.bss Size: - Virtual size: 21KB

.idata Size: 10KB - Virtual size: 10KB

.text
Size: 367KB - Virtual size: 367KB

.data
Size: 14KB - Virtual size: 13KB

.bss
Size: - Virtual size: 21KB

.idata
Size: 10KB - Virtual size: 10KB