upgrade[.]insignum[.]pl_-_upgrade_-_kolhurt_-_dodatki_-_dostep_-_QTADO40[.]ZIP___6879c70705c384708621beb33563684e[.]dat

Sharing

Copy URL Twitter E-mail

General

Target

upgrade.insignum.pl_-_upgrade_-_kolhurt_-_dodatki_-_dostep_-_QTADO40.ZIP___6879c70705c384708621beb33563684e.dat
Size

1.1MB
MD5

6879c70705c384708621beb33563684e
SHA1

0abd1aa341c64b5c752b9560c1355f5cd30f9534
SHA256

df22b4731330e9e5ee6839ff89dbd7d299c7432bfc9f15fdd11ef32616d2d3e1
SHA512

fd8eeb2eb64efa0db45e709388be921d236129530a5214fc0ab94f168fe642d9fa43ce7610e6b1792939ffd4aa2878ea226e6a9cdfa940de313b346159f00bc3
SSDEEP

24576:9apdCUPibyr/t4zQpkgaqWfOfJ8k/0UCI3s1jBUweu8q:9aHCUP4yTt4zQpCqWfOGk/JCrtRLT

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QTADO40/MSVCRT.DLL
unpack001/QTADO40/ODI.dll
unpack001/QTADO40/PI.dll
unpack001/QTADO40/QTADO.exe
unpack001/QTADO40/UINSTQTA.exe

Files

upgrade.insignum.pl_-_upgrade_-_kolhurt_-_dodatki_-_dostep_-_QTADO40.ZIP___6879c70705c384708621beb33563684e.dat
.zip
QTADO40/MSHFLXGD.OCX
.dll regsvr32 windows x86

56ac46dcc88f67428b0149d3d554a99b

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09/04/1996, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16/11/1999, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04/04/2000, 00:00

Not After

17/04/2001, 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

olepro32

ord253
ord254
ord252
ord250

comctl32

ImageList_Destroy
ImageList_LoadImageA

kernel32

Sleep
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
HeapSize
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
SetLastError
GetCurrentThread
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
TlsGetValue
VirtualAlloc
IsBadCodePtr
GetStdHandle
GetFileType
WriteFile
IsValidLocale
IsValidCodePage
GetUserDefaultLCID
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
FlushFileBuffers
GetTimeZoneInformation
CloseHandle
SetStdHandle
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsDBCSLeadByte
GetVersionExA
GlobalFree
TlsSetValue
GlobalUnlock
GlobalLock
GlobalSize
lstrcmpA
TlsFree
TlsAlloc
ExitProcess
GetCurrentThreadId
FatalAppExitA
RaiseException
GetModuleHandleA
GetCommandLineA
GetVersion
RtlUnwind
GetFileAttributesA
LoadResource
DisableThreadLibraryCalls
FindResourceA
lstrcmpiA
LockResource
GetLastError
GetLocaleInfoA
HeapReAlloc
GetProcAddress
GetModuleFileNameA
LoadLibraryA
GetWindowsDirectoryA
lstrcmpiW
IsBadReadPtr
GetProfileStringA
MulDiv
lstrcpynA
FormatMessageA
FreeLibrary
lstrcpyA
MultiByteToWideChar
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
InterlockedIncrement
UnhandledExceptionFilter
lstrlenA
lstrlenW
lstrcmpW
lstrcatA
LCMapStringA
LCMapStringW
GlobalAlloc
WideCharToMultiByte
GetProcessHeap
HeapAlloc
HeapFree
InterlockedDecrement
LocalFree
IsBadWritePtr

user32

SetCursorPos
GetSysColor
PostMessageW
PeekMessageW
UnregisterClassA
CreateDialogIndirectParamA
IsChild
IsWindowEnabled
GetNextDlgTabItem
MapWindowPoints
GetClipboardFormatNameA
ScrollWindowEx
GetCapture
CallWindowProcA
ShowWindow
SetWindowRgn
IntersectRect
EqualRect
ClientToScreen
CharNextA
GetWindow
RegisterClipboardFormatA
WinHelpA
IsDialogMessageA
EndDialog
BeginPaint
EndPaint
SetParent
IsWindowVisible
CreateWindowExA
DestroyWindow
LoadBitmapA
SetDlgItemInt
CheckDlgButton
GetDlgItem
GetDlgItemInt
IsDlgButtonChecked
SetFocus
InvalidateRect
GetActiveWindow
DialogBoxParamA
PeekMessageA
GetWindowRect
MoveWindow
SendMessageA
MessageBeep
SendDlgItemMessageA
DrawTextExW
DrawTextExA
GetParent
GetSystemMetrics
FillRect
GetWindowLongA
SetWindowPos
DrawFocusRect
SetTimer
ReleaseCapture
SetCapture
SetCursor
DefWindowProcA
EnableWindow
GetCursorPos
ScreenToClient
PtInRect
PostMessageA
DrawEdge
FrameRect
InflateRect
SetWindowLongA
LoadCursorA
RegisterClassA
RegisterWindowMessageA
SetRect
UpdateWindow
GetKeyState
IsWindow
GetScrollRange
ScrollWindow
OffsetRect
SetScrollRange
GetClientRect
SetScrollPos
ShowScrollBar
LoadStringA
MessageBoxA
GetDC
ReleaseDC
KillTimer
wsprintfA
GetFocus

ole32

CoCreateInstance
ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateOleAdviseHolder
OleLoadFromStream
OleSaveToStream
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA

oleaut32

LoadTypeLi
SysStringByteLen
GetErrorInfo
VariantChangeType
LoadRegTypeLi
CreateErrorInfo
SetErrorInfo
VariantInit
SysStringLen
SysFreeString
SysAllocString
VariantCopyInd
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLibEx
VariantCopy
SysAllocStringLen
SysAllocStringByteLen
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElement
SafeArrayPutElement
SafeArrayRedim
SafeArrayCopy

gdi32

GetWindowExtEx
SetWindowOrgEx
CreateDCA
SetViewportOrgEx
GetPaletteEntries
GetDIBits
CopyEnhMetaFileA
GetBitmapBits
CreatePalette
CreateDIBitmap
GetViewportExtEx
GetNearestColor
LPtoDP
DeleteObject
CreatePen
GetTextMetricsA
GetTextExtentPoint32W
CreateFontIndirectA
CreateSolidBrush
GetStockObject
SelectObject
StretchBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
ExcludeClipRect
SaveDC
RestoreDC
LineTo
MoveToEx
GetObjectA
Rectangle
SetBkMode
SetTextColor
SelectPalette
GetCurrentPositionEx
RealizePalette
SetWindowExtEx
DPtoLP
SetViewportExtEx
GetTextColor
CreateBitmap
SetMapMode
GetDeviceCaps
CreateRectRgnIndirect
CopyMetaFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QTADO40/MSVCRT.DLL
.dll windows x86

799e28bcbf4e94ca50e4b0a2c283ab7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesA
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
RaiseException
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
FlushFileBuffers
SetFilePointer
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
Sleep
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
HeapSize
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
??_U@YAPAXI@Z
??_V@YAXPAX@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctime64
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime64
_ftol
_fullpath
_futime
_futime64
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_gmtime64
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_localtime64
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_mktime64
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osplatform
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stat64
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_time64
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_utime64
_vsnprintf
_vsnwprintf
_waccess
_wasctime

Sections

.text
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QTADO40/ODI.dll
.dll regsvr32 windows x86

0a9558f2b835be437ad9bf2add5327f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetSystemInfo
VirtualQuery
SetEnvironmentVariableA
ExitProcess
GetCommandLineA
RaiseException
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
WritePrivateProfileStringA
GetFileTime
GetFileAttributesA
InterlockedExchange
FileTimeToLocalFileTime
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
LocalAlloc
lstrcpyW
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
GlobalReAlloc
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
FreeResource
GlobalFree
VirtualProtect
CompareStringW
CompareStringA
GetVersion
LoadLibraryExA
FreeLibrary
IsDBCSLeadByte
lstrcpynA
InterlockedIncrement
GetModuleFileNameA
lstrcatA
lstrcmpiA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenW
InterlockedDecrement
lstrcpyA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
QueryPerformanceCounter

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
EndPaint
BeginPaint
ClientToScreen
DrawTextExA
DrawTextA
TabbedTextOutA
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
EnableWindow
SendMessageA
IsWindow
GetTabbedTextExtentA
GetDC
ReleaseDC
GetWindowRect
LoadStringA
CharNextA
CharUpperA
IsWindowEnabled
LoadBitmapA
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetMenuState
GetDlgItem
GetParent
GetWindowLongA
PostMessageA
SetFocus
GetFocus
GetAsyncKeyState
SetActiveWindow
GetActiveWindow
GetCapture
ShowWindow
SetWindowPos
MapDialogRect
EndDialog
GetNextDlgTabItem
DestroyWindow
CreateDialogIndirectParamA
GetSystemMetrics
GetDesktopWindow
GetWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
ScreenToClient
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
PtInRect
GrayStringA

gdi32

GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetTextExtentPoint32A
SelectObject
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
GetDeviceCaps
SaveDC
RestoreDC
SetMapMode

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

comctl32

ImageList_Destroy
ImageList_LoadImageA
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

CoCreateInstance
CoTaskMemRealloc
StringFromGUID2
ProgIDFromCLSID
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantInit
VariantChangeType
VariantClear
SysStringLen
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
CreateErrorInfo
SetErrorInfo
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString

odbc32

ord11
ord72
ord4
ord17
ord41
ord10
ord2
ord1
ord15
ord9
ord14
ord3
ord16
ord20
ord8
ord48
ord49
ord19
ord12
ord46
ord18
ord13
ord59
ord68
ord50
ord51
ord5
ord47
ord44
ord45

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QTADO40/OrderForm.txt
QTADO40/PI.dll
.dll regsvr32 windows x86

653d5efbf597eef23535f316f1956b00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
RaiseException
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetDateFormatA
InterlockedExchange
GetTimeFormatA
HeapReAlloc
RtlUnwind
HeapFree
HeapAlloc
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
GetOEMCP
GetCPInfo
GlobalFlags
WritePrivateProfileStringA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
FileTimeToSystemTime
SetLastError
GlobalFree
MulDiv
GlobalUnlock
LocalFree
CloseHandle
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
CompareStringW
CompareStringA
GetVersion
FormatMessageA
LocalAlloc
LockResource
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
lstrcpynA
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
lstrcatA
lstrcpyA
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetUnhandledExceptionFilter

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
UnregisterClassA
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
CharNextA
SendMessageA
wsprintfA
LoadStringA
GetClientRect
EnableWindow
CharUpperA
PostQuitMessage
PostMessageA
SetCursor
GetClassInfoExA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
PtInRect
GetWindow
UnhookWindowsHookEx
ReleaseDC
GetDC
CopyRect
GetDesktopWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
LoadIconA
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
MessageBoxA
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetWindowTextLengthA
GetWindowTextA
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetMenuItemBitmaps
GetFocus
ModifyMenuA
GetMenuState

gdi32

GetStockObject
DeleteDC
SetViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
CreateBitmap
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetMapMode
RestoreDC
SaveDC
DeleteObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
ScaleViewportExtEx

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueA

comctl32

ImageList_Destroy
ImageList_LoadImageA
ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

ProgIDFromCLSID
CoCreateGuid
StringFromGUID2
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
SysStringLen
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
VariantClear
GetErrorInfo
VarUdateFromDate
SetErrorInfo
CreateErrorInfo
VariantInit
VariantCopy
VarBstrFromCy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QTADO40/QTADO.exe
.exe windows x86

0369d33a5783085768763e30c3f8de4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
SetStdHandle
GetFileType
HeapSize
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetTimeZoneInformation
VirtualAlloc
VirtualFree
GetSystemInfo
VirtualQuery
HeapDestroy
HeapCreate
ExitThread
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
IsBadCodePtr
SetEnvironmentVariableA
TerminateProcess
HeapReAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
Sleep
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
GetDateFormatA
GetTimeFormatA
RaiseException
RtlUnwind
lstrcpyW
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
VirtualProtect
GetDiskFreeSpaceA
GetTempFileNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
MoveFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetFileTime
GetFileSize
GetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CreateEventA
SuspendThread
SetEvent
ResumeThread
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GetModuleHandleA
lstrcpyA
SystemTimeToFileTime
FileTimeToSystemTime
IsBadReadPtr
IsBadWritePtr
SetLastError
GlobalSize
GlobalLock
GlobalUnlock
LocalFree
GetStringTypeExA
lstrcmpiA
CompareStringW
lstrlenW
CompareStringA
GetVersion
GlobalAlloc
GlobalReAlloc
GlobalFree
GetShortPathNameA
GetSystemDirectoryA
GetTempPathA
GetModuleFileNameA
lstrcpynA
CreateFileA
ReadFile
CloseHandle
CreateDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
MulDiv
CopyFileA
DeleteFileA
GetLastError
MultiByteToWideChar
GetCurrentDirectoryA
SetCurrentDirectoryA
WaitForSingleObject
GetExitCodeThread
TerminateThread
SearchPathA
GetTickCount
FormatMessageA
lstrlenA
LocalAlloc
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindFirstFileA
FindClose
FindNextFileA
lstrcmpA
GlobalMemoryStatus
GetThreadPriority
SetThreadPriority
InterlockedDecrement
WideCharToMultiByte
InterlockedIncrement
EnterCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetStdHandle

user32

SetParent
InSendMessage
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMenuItemInfoA
GetMessageA
TranslateMessage
ValidateRect
CreateDialogIndirectParamA
EndDialog
GetTabbedTextExtentA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
DestroyCursor
SetCursorPos
SetCapture
DestroyMenu
UnpackDDElParam
ReuseDDElParam
SetCursor
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetMenu
GetDesktopWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
RegisterWindowMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
LoadIconA
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
EqualRect
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
SetWindowPlacement
CallWindowProcA
IntersectRect
SystemParametersInfoA
DefWindowProcA
WindowFromPoint
GetCapture
IsRectEmpty
DeferWindowPos
OffsetRect
AdjustWindowRectEx
TranslateAcceleratorA
TranslateMDISysAccel
CreateWindowExA
BringWindowToTop
GetActiveWindow
GetDCEx
DefMDIChildProcA
GetMenu
DefFrameProcA
GetWindowTextLengthA
GetWindowTextA
SetWindowPos
SetFocus
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
UpdateWindow
UnregisterClassA
InvalidateRect
SendMessageA
PostMessageA
PostQuitMessage
PeekMessageA
CopyRect
PtInRect
InflateRect
IsWindow
IsIconic
GetWindowRect
GetClientRect
GetDC
SendDlgItemMessageA
GetDlgItem
GetMenuStringA
GetMenuItemID
InsertMenuA
GetWindow
GetWindowPlacement
ShowWindow
CharUpperA
GetNextDlgGroupItem
InvalidateRgn
DestroyIcon
DrawIcon
CharNextA
PostThreadMessageA
CreateMenu
LoadCursorA
GetWindowLongA
SetWindowLongA
RedrawWindow
CheckMenuItem
GetSystemMenu
GetSystemMetrics
ShowScrollBar
LockWindowUpdate
ModifyMenuA
SetRectEmpty
IsClipboardFormatAvailable
GetMessagePos
CountClipboardFormats
SendNotifyMessageA
CopyAcceleratorTableA
GetAsyncKeyState
SetRect
GetSysColorBrush
ReleaseDC
IsWindowVisible
SetTimer
KillTimer
SetActiveWindow
GetFocus
GetSysColor
IsChild
EnableWindow
GetDlgCtrlID
LoadImageA
wsprintfA
GetKeyState
MessageBeep
GetParent
EnableMenuItem
GetSubMenu
LoadMenuA
ClientToScreen
ScreenToClient
SetForegroundWindow
GetCursorPos
FindWindowA
LoadBitmapA
DeleteMenu
AppendMenuA
GetMenuItemCount
IsZoomed
RemoveMenu
GetMenuState
SetWindowRgn
DrawMenuBar
GetNextDlgTabItem

gdi32

CreatePen
CreateSolidBrush
GetViewportOrgEx
DPtoLP
Rectangle
GetCharWidthA
CreateFontA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
StartPage
EndPage
AbortDoc
EndDoc
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetWindowOrgEx
GetRgnBox
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SetAbortProc
CreateFontIndirectA
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetBkColor
CopyMetaFileA
CreateDCA
StretchDIBits
SelectPalette
RealizePalette
GetDIBits
CreateCompatibleBitmap
CreateBitmap
GetStockObject
EnumFontFamiliesExA
BitBlt
PatBlt
CreateCompatibleDC
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
GetDeviceCaps
GetObjectA

comdlg32

PrintDlgA
FindTextA
ReplaceTextA
CommDlgExtendedError
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
ChooseFontA

winspool.drv

DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter

advapi32

RegEnumKeyA
RegOpenKeyA
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RegCloseKey

shell32

ExtractIconA
SHGetFileInfoA
DragAcceptFiles
ShellExecuteA
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileA
DragFinish
FindExecutableA

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ImageList_LoadImageA
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA

shlwapi

PathIsUNCA
PathStripToRootA
PathRemoveExtensionA
PathFindExtensionA
PathFindFileNameA

oledlg

ord4
ord11
ord8
ord3

ole32

CoLockObjectExternal
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
OleGetClipboard
OleLockRunning
OleSetMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
CoRegisterMessageFilter
OleSave
WriteClassStm
OleSaveToStream
OleSetContainedObject
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateFromFile
OleCreateLinkToFile
OleCreate
OleLoad
GetHGlobalFromILockBytes
GetRunningObjectTable
CreateGenericComposite
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
RevokeDragDrop
CoCreateGuid
CoTaskMemFree
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
OleRun
CoInitialize
CoGetInterfaceAndReleaseStream
CoUninitialize
CreateFileMoniker
OleIsRunning
CreateItemMoniker
CoDisconnectObject
OleRegGetMiscStatus
OleRegEnumVerbs
OleInitialize
CoFreeUnusedLibraries
OleFlushClipboard
OleUninitialize
OleIsCurrentClipboard
OleSetClipboard
CoGetClassObject
CLSIDFromProgID
OleGetIconOfClass
CLSIDFromString

olepro32

ord253

oleaut32

VariantClear
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysFreeString
VariantInit
VariantCopy
VariantChangeType
GetErrorInfo
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayPutElement
SafeArrayCreate
GetActiveObject
VarUdateFromDate
SystemTimeToVariantTime
VarBstrFromDate
VariantTimeToSystemTime
VarDateFromStr
SysAllocStringLen
VarBstrFromCy

Sections

.text
Size: 784KB - Virtual size: 781KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QTADO40/QTADO.xsl
.xml
QTADO40/QryTool.reg
QTADO40/UINSTQTA.exe
.exe windows x86

d811aaac0e91d0d3e8d616bb7813b538

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleFileNameA
Sleep
DeleteFileA
FindClose
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStringTypeW
OutputDebugStringA
FindFirstFileA
FreeLibrary
GetStringTypeA
VirtualQuery
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
SetUnhandledExceptionFilter
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
IsBadReadPtr
IsBadCodePtr
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
GetLocaleInfoA
VirtualProtect
GetSystemInfo
GetSystemTimeAsFileTime

user32

MessageBoxA
EnumWindows
GetWindowTextA
GetDesktopWindow

advapi32

RegCloseKey
RegOpenKeyA

shell32

ShellExecuteA

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QTADO40/readme.htm
.html

Sharing

General

Malware Config

Signatures

Files

56ac46dcc88f67428b0149d3d554a99b

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10Certificate

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1dCertificate

Extended Key Usages

Key Usages

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5cCertificate

Key Usages

Signer

Headers

File Characteristics

Imports

olepro32

comctl32

kernel32

user32

ole32

advapi32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 248KB - Virtual size: 248KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 21KB - Virtual size: 30KB

.idata Size: 7KB - Virtual size: 6KB

.rsrc Size: 99KB - Virtual size: 99KB

.reloc Size: 18KB - Virtual size: 18KB

799e28bcbf4e94ca50e4b0a2c283ab7d

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 200KB - Virtual size: 196KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 12KB - Virtual size: 9KB

0a9558f2b835be437ad9bf2add5327f3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

ole32

oleaut32

odbc32

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 180KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 20KB - Virtual size: 17KB

.reloc Size: 36KB - Virtual size: 33KB

653d5efbf597eef23535f316f1956b00

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

.text
Size: 248KB - Virtual size: 248KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 21KB - Virtual size: 30KB

.idata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 99KB - Virtual size: 99KB

.reloc
Size: 18KB - Virtual size: 18KB

.text
Size: 200KB - Virtual size: 196KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 184KB - Virtual size: 180KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 20KB - Virtual size: 17KB

.reloc
Size: 36KB - Virtual size: 33KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 32KB - Virtual size: 28KB

.text
Size: 784KB - Virtual size: 781KB

.rdata
Size: 204KB - Virtual size: 201KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 92KB - Virtual size: 90KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB