be64d4146f0ac8510654065063183ad29bab664350fc6948da689239b5c30ad8

Resubmissions

10/05/2023, 15:31

230510-syb3wsgh52 3

03/02/2022, 08:48

220203-kqhxgaefgp 8

Sharing

Copy URL Twitter E-mail

General

Target

be64d4146f0ac8510654065063183ad29bab664350fc6948da689239b5c30ad8
Size

247KB
MD5

7575ecc5ac5ac568054eb36a5c8656c4
SHA1

50188fe5511fb419408ed0fd7874bc93ac3e986f
SHA256

be64d4146f0ac8510654065063183ad29bab664350fc6948da689239b5c30ad8
SHA512

fc942c6a9747f2c04e776892ffb522fdcf8968fff9352327865683415dc6e622c8dfba116e026a4161129b88bca2c88dd411d8fa73af1206a1c977e11c8ed7c2
SSDEEP

6144:7xYzcVM1C5scTcp6kLTdMxgpEJi4BhvWZTKssQ83K8A1f:1YzcVT5hT8fmhJReKHXk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be64d4146f0ac8510654065063183ad29bab664350fc6948da689239b5c30ad8

Files

be64d4146f0ac8510654065063183ad29bab664350fc6948da689239b5c30ad8
.exe windows x64

f87b96593652a08299ab88b38832dda4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5core

_Z20qResourceFeatureZlibv
_Z20qt_qFindChild_helperPK7QObjectRK7QStringRK11QMetaObject6QFlagsIN2Qt15FindChildOptionEE
_Z21qRegisterResourceDataiPKhS0_S0_
_Z23qUnregisterResourceDataiPKhS0_S0_
_ZN10QArrayData10deallocateEPS_yy
_ZN10QArrayData11shared_nullE
_ZN10QByteArray11reallocDataEj6QFlagsIN10QArrayData16AllocationOptionEE
_ZN10QByteArray6appendEPKc
_ZN10QByteArray6appendEc
_ZN11QMetaObject10ConnectionD1Ev
_ZN11QMetaObject8activateEP7QObjectPKS_iPPv
_ZN11QTranslator4loadERK7QLocaleRK7QStringS5_S5_S5_
_ZN11QTranslatorC1EP7QObject
_ZN11QTranslatorD1Ev
_ZN14QStandardPaths16writableLocationENS_16StandardLocationE
_ZN16QCoreApplication12setAttributeEN2Qt20ApplicationAttributeEb
_ZN16QCoreApplication17installTranslatorEP11QTranslator
_ZN16QCoreApplication4exitEi
_ZN4QDir9separatorEv
_ZN4QDirC1ERK7QString
_ZN4QDirD1Ev
_ZN4QUrl7setPathERK7QStringNS_11ParsingModeE
_ZN4QUrl8setQueryERK7QStringNS_11ParsingModeE
_ZN4QUrlC1ERK7QStringNS_11ParsingModeE
_ZN4QUrlC1ERKS_
_ZN4QUrlD1Ev
_ZN5QFile4openE6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN5QFileC1ERK7QString
_ZN5QFileD1Ev
_ZN7QLocale6systemEv
_ZN7QLocaleD1Ev
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11connectImplEPKS_PPvS1_S3_PN9QtPrivate15QSlotObjectBaseEN2Qt14ConnectionTypeEPKiPK11QMetaObject
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11deleteLaterEv
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QObject11qt_metacastEPKc
_ZN7QObject13connectNotifyERK11QMetaMethod
_ZN7QObject16disconnectNotifyERK11QMetaMethod
_ZN7QObject16staticMetaObjectE
_ZN7QObject5eventEP6QEvent
_ZN7QObject7connectEPKS_PKcS1_S3_N2Qt14ConnectionTypeE
_ZN7QObjectC2EPS_
_ZN7QObjectD2Ev
_ZN7QString11reallocDataEjb
_ZN7QString15fromUtf8_helperEPKci
_ZN7QString16fromAscii_helperEPKci
_ZN7QString6appendERKS_
_ZN8QProcess10nullDeviceEv
_ZN8QProcess10setProgramERK7QString
_ZN8QProcess12setArgumentsERK11QStringList
_ZN8QProcess13startDetachedEPx
_ZN8QProcess19setWorkingDirectoryERK7QString
_ZN8QProcess20setStandardErrorFileERK7QString6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN8QProcess21setStandardOutputFileERK7QString6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN8QProcessC1EP7QObject
_ZN8QProcessD1Ev
_ZN9QIODevice5writeEPKcx
_ZN9QIODevice7readAllEv
_ZN9QListData11detach_growEPii
_ZN9QListData11shared_nullE
_ZN9QListData6appendEv
_ZN9QListData6detachEi
_ZN9QListData7disposeEPNS_4DataE
_ZN9QListData7reallocEi
_ZN9QMetaType22registerNormalizedTypeERK10QByteArrayPFvPvEPFS3_S3_PKvEi6QFlagsINS_8TypeFlagEEPK11QMetaObject
_ZNK11QMetaObject2trEPKcS1_i
_ZNK11QMetaObject9classNameEv
_ZNK11QObjectData17dynamicMetaObjectEv
_ZNK4QDir4pathEv
_ZNK4QDir6existsEv
_ZNK4QDir6mkpathERK7QString
_ZNK4QUrl4pathE6QFlagsINS_25ComponentFormattingOptionEE
_ZNK4QUrleqERKS_
_ZNK5QFile8fileNameEv
_ZNK7QString3argERKS_i5QChar
_ZNK9QIODevice11errorStringEv

qt5gui

_ZN15QGuiApplication13setWindowIconERK5QIcon
_ZN15QGuiApplication4execEv
_ZN15QGuiApplicationC1ERiPPci
_ZN15QGuiApplicationD1Ev
_ZN5QIconC1ERK7QString
_ZN5QIconD1Ev

qt5network

_ZN13QNetworkReply16staticMetaObjectE
_ZN15QNetworkRequestC1ERK4QUrl
_ZN15QNetworkRequestD1Ev
_ZN21QNetworkAccessManager16staticMetaObjectE
_ZN21QNetworkAccessManager3getERK15QNetworkRequest
_ZN21QNetworkAccessManager8finishedEP13QNetworkReply
_ZN21QNetworkAccessManagerC1EP7QObject
_ZNK13QNetworkReply3urlEv
_ZNK13QNetworkReply5errorEv
_ZNK13QNetworkReply7managerEv

qt5qml

_ZN10QQmlEngine4quitEv
_ZN11QQmlContext18setContextPropertyERK7QStringP7QObject
_ZN21QQmlApplicationEngine13objectCreatedEP7QObjectRK4QUrl
_ZN21QQmlApplicationEngine16staticMetaObjectE
_ZN21QQmlApplicationEngine4loadERK4QUrl
_ZN21QQmlApplicationEngineC1EP7QObject
_ZN21QQmlApplicationEngineD1Ev
_ZNK10QQmlEngine11rootContextEv

qt5quick

_ZN10QQuickItem16staticMetaObjectE

libgcc_s_seh-1

_Unwind_Resume

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
__C_specific_handler

msvcrt

__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_onexit
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strcmp
strlen
strncmp
vfprintf

libstdc++-6

_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZdlPvy
_Znwy
__cxa_begin_catch
__cxa_end_catch
__cxa_rethrow
__gxx_personality_seh0

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 512B - Virtual size: 329B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 1024B - Virtual size: 546B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

f87b96593652a08299ab88b38832dda4

Headers

File Characteristics

Imports

qt5core

qt5gui

qt5network

qt5qml

qt5quick

libgcc_s_seh-1

kernel32

msvcrt

libstdc++-6

Sections

.text Size: 15KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 304B

.rdata Size: 147KB - Virtual size: 147KB

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 2KB

.idata Size: 9KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

/4 Size: 512B - Virtual size: 80B

/19 Size: 8KB - Virtual size: 7KB

/31 Size: 512B - Virtual size: 329B

/45 Size: 1024B - Virtual size: 546B

/57 Size: 512B - Virtual size: 72B

/70 Size: 512B - Virtual size: 155B

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 304B

.rdata
Size: 147KB - Virtual size: 147KB

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 9KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

/4
Size: 512B - Virtual size: 80B

/19
Size: 8KB - Virtual size: 7KB

/31
Size: 512B - Virtual size: 329B

/45
Size: 1024B - Virtual size: 546B

/57
Size: 512B - Virtual size: 72B

/70
Size: 512B - Virtual size: 155B