lotteryserver[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

lotteryserver.exe
Size

88KB
MD5

01c74b16c3acf46e5014504c1819cc2a
SHA1

9f88d463a3c364d61fba8684bf3d0e8ce81effab
SHA256

2b9bd76a4d4c4dcd614b594cc7e7a32ed4a8411473c78a13b269d45ba2bfaa72
SHA512

04f02473ea64b94291d287a9f19d4bafcfa02839c194559211b00f392c799ff290f64b87383afe3eb6e7a1e8fca338c02c996296200cb5d87ee9f597b1cb1265
SSDEEP

1536:Mz9zzdjKpOswxW3iNPeX3I0tpF8Q3WRbaAlj581pRBW:yek4iNcp5G97qBW

Score

N/A

Malware Config

Signatures

Files

lotteryserver.exe
.exe windows x64

357a9ff1518ae3e071c82ea823ac1a13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

qt5core

_ZN10QArrayData10deallocateEPS_yy
_ZN10QArrayData11shared_nullE
_ZN10QJsonArray6appendERK10QJsonValue
_ZN10QJsonArrayC1Ev
_ZN10QJsonArrayD1Ev
_ZN10QJsonArrayaSERKS_
_ZN10QJsonValueC1ERK11QJsonObject
_ZN10QJsonValueC1ERK7QString
_ZN10QJsonValueC1Ed
_ZN10QJsonValueD1Ev
_ZN11QJsonObjectC1Ev
_ZN11QJsonObjectD1Ev
_ZN11QJsonObjectixERK7QString
_ZN11QMetaObject10ConnectionD1Ev
_ZN11QTextStream7readAllEv
_ZN11QTextStream8setCodecEPKc
_ZN11QTextStreamC1EP9QIODevice
_ZN11QTextStreamD1Ev
_ZN11QTextStreamlsEPKc
_ZN11QTextStreamlsERK7QString
_ZN11QTextStreamlsEc
_ZN11QTextStreamlsEd
_ZN11QTextStreamlsEi
_ZN12QMapDataBase8freeDataEPS_
_ZN12QMapDataBase8freeTreeEP12QMapNodeBasei
_ZN13QJsonDocument8fromJsonERK10QByteArrayP15QJsonParseError
_ZN13QJsonDocument8setArrayERK10QJsonArray
_ZN13QJsonDocumentC1ERK10QJsonArray
_ZN13QJsonDocumentC1ERK11QJsonObject
_ZN13QJsonDocumentC1Ev
_ZN13QJsonDocumentD1Ev
_ZN13QJsonValueRefaSERK10QJsonValue
_ZN16QCoreApplication4execEv
_ZN16QCoreApplicationC1ERiPPci
_ZN16QCoreApplicationD1Ev
_ZN4QDir11currentPathEv
_ZN5QFile4openE6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN5QFileC1ERK7QString
_ZN5QFileD1Ev
_ZN5QTimeC1Eiiii
_ZN6QDebug12putByteArrayEPKcyNS_13Latin1ContentE
_ZN6QDebug9putStringEPK5QChary
_ZN6QDebugD1Ev
_ZN6QTimer16staticMetaObjectE
_ZN6QTimer5startEi
_ZN6QTimer7timeoutENS_14QPrivateSignalE
_ZN6QTimerC1EP7QObject
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11connectImplEPKS_PPvS1_S3_PN9QtPrivate15QSlotObjectBaseEN2Qt14ConnectionTypeEPKiPK11QMetaObject
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11deleteLaterEv
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject13connectNotifyERK11QMetaMethod
_ZN7QObject16disconnectNotifyERK11QMetaMethod
_ZN7QObject5eventEP6QEvent
_ZN7QObject7connectEPKS_PKcS1_S3_N2Qt14ConnectionTypeE
_ZN7QString13toUtf8_helperERKS_
_ZN7QString14compare_helperEPK5QChariPKciN2Qt15CaseSensitivityE
_ZN7QString15fromUtf8_helperEPKci
_ZN7QString16fromAscii_helperEPKci
_ZN7QString17fromLatin1_helperEPKci
_ZN7QString20fromLocal8Bit_helperEPKci
_ZN7QString6appendERKS_
_ZN7QString6numberEdci
_ZN7QStringaSERKS_
_ZN8QProcess10setProgramERK7QString
_ZN8QProcess12setArgumentsERK11QStringList
_ZN8QProcess20readAllStandardErrorEv
_ZN8QProcess21readAllStandardOutputEv
_ZN8QProcess5startE6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN8QProcess7executeERK7QStringRK11QStringList
_ZN8QProcessC1EP7QObject
_ZN8QProcessD1Ev
_ZN8QVariantC1ERK7QString
_ZN8QVariantD1Ev
_ZN9QDateTime10fromStringERK7QStringS2_
_ZN9QDateTime15currentDateTimeEv
_ZN9QDateTime7setTimeERK5QTime
_ZN9QDateTimeD1Ev
_ZN9QIODevice5writeEPKcx
_ZN9QListData11detach_growEPii
_ZN9QListData11shared_nullE
_ZN9QListData6appendEv
_ZN9QListData6detachEi
_ZN9QListData7disposeEPNS_4DataE
_ZNK10QByteArray6isNullEv
_ZNK10QJsonValue5toIntEi
_ZNK10QJsonValue8toDoubleEd
_ZNK10QJsonValue8toStringEv
_ZNK11QMetaObject4castEP7QObject
_ZNK11QObjectData17dynamicMetaObjectEv
_ZNK12QMapNodeBase8nextNodeEv
_ZNK13QJsonDocument6objectEv
_ZNK13QJsonDocument6toJsonEv
_ZNK13QJsonValueRef7toArrayEv
_ZNK13QJsonValueRef7toValueEv
_ZNK13QJsonValueRef8toObjectEv
_ZNK14QMessageLogger5debugEv
_ZNK5QDate8toStringEN2Qt10DateFormatE
_ZNK5QDate9dayOfWeekEv
_ZNK5QFile8fileNameEv
_ZNK5QTime7addSecsEi
_ZNK5QTime8toStringERK7QString
_ZNK7QObject6senderEv
_ZNK7QString3argERKS_i5QChar
_ZNK7QString3argEdici5QChar
_ZNK7QString3argExii5QChar
_ZNK7QString3midEii
_ZNK7QString4leftEi
_ZNK7QString5rightEi
_ZNK7QString5splitERKS_6QFlagsIN2Qt18SplitBehaviorFlagsEENS3_15CaseSensitivityE
_ZNK7QString5toIntEPbi
_ZNK8QVariant10toDateTimeEv
_ZNK8QVariant11toByteArrayEv
_ZNK8QVariant5toIntEPb
_ZNK8QVariant8toDoubleEPb
_ZNK8QVariant8toStringEv
_ZNK9QDateTime4dateEv
_ZNK9QDateTime4timeEv
_ZNK9QDateTime7addDaysEx
_ZNK9QDateTime8toStringERK7QString
_ZNK9QDateTimeltERKS_
_ZNK9QIODevice11errorStringEv
_ZeqRK7QStringS1_
_Zls6QDebugRK8QVariant

qt5network

_ZN12QHostAddressC1ENS_14SpecialAddressE
_ZN12QHostAddressD1Ev

qt5sql

_ZN12QSqlDatabase11addDatabaseERK7QStringS2_
_ZN12QSqlDatabase11transactionEv
_ZN12QSqlDatabase15setDatabaseNameERK7QString
_ZN12QSqlDatabase17defaultConnectionE
_ZN12QSqlDatabase4openEv
_ZN12QSqlDatabase6commitEv
_ZN12QSqlDatabase8rollbackEv
_ZN12QSqlDatabaseC1ERKS_
_ZN12QSqlDatabaseC1Ev
_ZN12QSqlDatabaseD1Ev
_ZN12QSqlDatabaseaSERKS_
_ZN9QSqlQuery12addBindValueERK8QVariant6QFlagsIN4QSql13ParamTypeFlagEE
_ZN9QSqlQuery4execERK7QString
_ZN9QSqlQuery4execEv
_ZN9QSqlQuery4nextEv
_ZN9QSqlQuery7prepareERK7QString
_ZN9QSqlQueryC1E12QSqlDatabase
_ZN9QSqlQueryD1Ev
_ZNK12QSqlDatabase6driverEv
_ZNK9QSqlQuery11boundValuesEv
_ZNK9QSqlQuery5valueEi

qt5websockets

_ZN10QWebSocket12disconnectedEv
_ZN10QWebSocket15sendTextMessageERK7QString
_ZN10QWebSocket16staticMetaObjectE
_ZN10QWebSocket19textMessageReceivedERK7QString
_ZN10QWebSocket21binaryMessageReceivedERK10QByteArray
_ZN10QWebSocket5closeEN18QWebSocketProtocol9CloseCodeERK7QString
_ZN16QWebSocketServer11qt_metacallEN11QMetaObject4CallEiPPv
_ZN16QWebSocketServer11qt_metacastEPKc
_ZN16QWebSocketServer13newConnectionEv
_ZN16QWebSocketServer16staticMetaObjectE
_ZN16QWebSocketServer21nextPendingConnectionEv
_ZN16QWebSocketServer6listenERK12QHostAddresst
_ZN16QWebSocketServerC2ERK7QStringNS_7SslModeEP7QObject
_ZN16QWebSocketServerD2Ev

libgcc_s_seh-1

_Unwind_Resume

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__C_specific_handler
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_onexit
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strcmp
strlen
strncmp
vfprintf

libstdc++-6

_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZdlPv
_Znwy
__cxa_begin_catch
__cxa_end_catch
__cxa_rethrow
__gxx_personality_seh0

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

357a9ff1518ae3e071c82ea823ac1a13

Headers

File Characteristics

Imports

qt5core

qt5network

qt5sql

qt5websockets

libgcc_s_seh-1

kernel32

msvcrt

libstdc++-6

Sections

.text Size: 59KB - Virtual size: 59KB

.data Size: 512B - Virtual size: 288B

.rdata Size: 6KB - Virtual size: 5KB

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 7KB - Virtual size: 7KB

.bss Size: - Virtual size: 2KB

.idata Size: 11KB - Virtual size: 11KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

.text
Size: 59KB - Virtual size: 59KB

.data
Size: 512B - Virtual size: 288B

.rdata
Size: 6KB - Virtual size: 5KB

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 7KB - Virtual size: 7KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 11KB - Virtual size: 11KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B