Static task
static1
General
Target
qrcodegui.exe
Size
122KB
MD5
d3969f41e0ad49a549b79fc305395401
SHA1
bcad4c5ad639f8b340fe9532fefe6aeb6469b42c
SHA256
d3fbcea8e33639f2572f59b3945d0c9453cdd8fad41b1c3f31d6c07981f2d0a1
SHA512
08fb28b8ab2e0befa4b9a03ea8e587ddb5b09a3b40d524c9b9f18672817a90a04c8965d90a7a5d6193eb70a6d926ae17cd2dfcf57024e108678dbaf8d54164c0
SSDEEP
1536:YwpUNv+r8Si/syxPFIOWCF96RPP9mxWwcAZsWjcd0K7ug3VDMoVeR:YGRPkcWm0K7ug3VDMoVeR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource qrcodegui.exe
Files
qrcodegui.exe.exe windows x86
a015090e33e03213fed1657bc7eb30a1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipDisposeImage
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageWidth
GdipGetImageHeight
GdipCloneImage
GdipLoadImageFromFileICM
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
kernel32
WriteConsoleW
SetStdHandle
LoadLibraryW
OutputDebugStringW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetFileAttributesW
CreateDirectoryW
CreateFileW
WriteFile
CloseHandle
DeleteFileW
CopyFileW
CreateProcessW
WaitForSingleObject
GetTempPathW
GetTempFileNameW
WideCharToMultiByte
ReadFile
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
FindResourceExW
GetModuleFileNameW
SetCurrentDirectoryW
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
SetFilePointerEx
GetConsoleMode
GetConsoleCP
RtlUnwind
Sleep
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
FlushFileBuffers
LCMapStringW
LockResource
HeapFree
QueryPerformanceCounter
GetFileType
HeapDestroy
HeapAlloc
HeapReAlloc
ReadConsoleW
HeapSize
GetProcessHeap
RaiseException
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineW
EncodePointer
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
GetStdHandle
user32
ReleaseDC
FillRect
ScreenToClient
GetDC
EndPaint
BeginPaint
GetWindowTextLengthW
MessageBoxW
GetWindowTextW
EndDialog
GetWindowRect
EnableWindow
LoadIconW
SendMessageW
SetWindowTextW
GetDlgItem
SetWindowPos
DialogBoxParamW
gdi32
CreateSolidBrush
DeleteObject
comdlg32
GetSaveFileNameW
shell32
SHGetFolderPathW
Sections
.text Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ