af5954f5ece0df422156f83c8f7ef9daecb2c31b460cd05265433688b2920ce5

Sharing

Copy URL Twitter E-mail

General

Target

af5954f5ece0df422156f83c8f7ef9daecb2c31b460cd05265433688b2920ce5
Size

15KB
MD5

8507c20e386aba12240b0f479adac0d5
SHA1

693fd18fb268a90d96333f46c746a4fee310acda
SHA256

af5954f5ece0df422156f83c8f7ef9daecb2c31b460cd05265433688b2920ce5
SHA512

dda4259959a3e390a91da7c12a5815b48afd5c12e3723aacdc587060afbbb88f4915efd0705ecda930b4d14e3c078abd28b8fa08a397631be6f49fbfd34f1109
SSDEEP

192:eGAI2xV7UGqYnOGeL3WLLvkOtyHlZU9XsC0Gy3yBzV//yNJ53z6a3vNwuPQ0:ezIaXq+eL3CLvkOtyHU9c04NHNZr

Score

N/A

Malware Config

Signatures

Files

af5954f5ece0df422156f83c8f7ef9daecb2c31b460cd05265433688b2920ce5
.exe windows x86

cba85411a15eafcb59d5c4fb09dfc6d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

qt5gui

??1QGuiApplication@@UAE@XZ
??0QGuiApplication@@QAE@AAHPAPADH@Z

qt5core

?freeData@QMapDataBase@@SAXPAU1@@Z
??1QVariant@@QAE@XZ
?readAll@QIODevice@@QAE?AVQByteArray@@XZ
?close@QFileDevice@@UAEXXZ
??0QFile@@QAE@ABVQString@@@Z
??1QFile@@UAE@XZ
?open@QFile@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QFileInfo@@QAE@ABVQString@@@Z
??1QFileInfo@@QAE@XZ
?exists@QFileInfo@@QBE_NXZ
??0QJsonValue@@QAE@_N@Z
??0QJsonValue@@QAE@ABVQJsonObject@@@Z
??1QJsonValue@@QAE@XZ
?freeTree@QMapDataBase@@QAEXPAUQMapNodeBase@@H@Z
?toObject@QJsonValueRef@@QBE?AVQJsonObject@@XZ
??0QJsonDocument@@QAE@ABVQJsonObject@@@Z
??1QJsonDocument@@QAE@XZ
?fromJson@QJsonDocument@@SA?AV1@ABVQByteArray@@PAUQJsonParseError@@@Z
?toJson@QJsonDocument@@QBE?AVQByteArray@@XZ
?toJson@QJsonDocument@@QBE?AVQByteArray@@W4JsonFormat@1@@Z
?object@QJsonDocument@@QBE?AVQJsonObject@@XZ
?isNull@QJsonDocument@@QBE_NXZ
??1QJsonObject@@QAE@XZ
?toVariantMap@QJsonObject@@QBE?AV?$QMap@VQString@@VQVariant@@@@XZ
??AQJsonObject@@QAE?AVQJsonValueRef@@ABVQString@@@Z
??0QTextStream@@QAE@PAVQIODevice@@@Z
??1QTextStream@@UAE@XZ
??6QTextStream@@QAEAAV0@ABVQByteArray@@@Z
?quit@QCoreApplication@@SAXXZ
?arguments@QCoreApplication@@SA?AVQStringList@@XZ
?at@QListData@@QBEPAPAXH@Z
?size@QListData@@QBEHXZ
?dispose@QListData@@SAXPAUData@1@@Z
?fromAscii_helper@QString@@CAPAU?$QTypedArrayData@G@@PBDH@Z
??4QString@@QAEAAV0@ABVQByteArray@@@Z
??0QString@@QAE@ABVQByteArray@@@Z
?toUtf8@QString@@QGBE?AVQByteArray@@XZ
??1QString@@QAE@XZ
??0QString@@QAE@ABV0@@Z
??0QString@@QAE@XZ
??1QByteArray@@QAE@XZ
??4QJsonValueRef@@QAEAAV0@ABVQJsonValue@@@Z

vcruntime140

_CxxThrowException
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
_except_handler4_common
memset

api-ms-win-crt-runtime-l1-1-0

terminate
_controlfp_s
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_seh_filter_exe
_set_app_type
_c_exit
_cexit
_configure_narrow_argv
_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_initialize_narrow_environment
_register_thread_local_exe_atexit_callback

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_callnewh
_set_new_mode
free
malloc

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
LocalFree
GetCommandLineW
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
WideCharToMultiByte

shell32

CommandLineToArgvW

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cba85411a15eafcb59d5c4fb09dfc6d3

Headers

DLL Characteristics

File Characteristics

Imports

qt5gui

qt5core

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

shell32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1020B

.gfids Size: 512B - Virtual size: 80B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 764B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1020B

.gfids
Size: 512B - Virtual size: 80B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 764B