f232f8bdde1957f2b2e040dacf700520909c632602c1c333c0e790d5fe642f66

Sharing

Copy URL Twitter E-mail

General

Target

f232f8bdde1957f2b2e040dacf700520909c632602c1c333c0e790d5fe642f66
Size

242KB
MD5

64b3b1363910931600e029d0be8f935d
SHA1

96cb4d9710e4f114a8937248c286664bae02d1fc
SHA256

f232f8bdde1957f2b2e040dacf700520909c632602c1c333c0e790d5fe642f66
SHA512

ae8f260b1d66dee2a9e3a030380c3fea00f25cf81d594a75c581fb569e005815eaa27b6e55ee5afaa68ccb3072f91ddb4ccb64ae689cb9f39382e1436b5b183b
SSDEEP

6144:gjmer02U6yJoaGNYOS0WASgLaDqi40HLtBVK:gjJ0yLT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f232f8bdde1957f2b2e040dacf700520909c632602c1c333c0e790d5fe642f66

Files

f232f8bdde1957f2b2e040dacf700520909c632602c1c333c0e790d5fe642f66
.exe windows x64

22c8d1a7747b764a049719423913b8b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

tiled

_ZN5Tiled10FileFormat23setCompatibilityVersionENS_20CompatibilityVersionE
_ZN5Tiled11readTilesetERK7QStringPS0_
_ZN5Tiled13PluginManager11loadPluginsEv
_ZN5Tiled13PluginManager8instanceEv
_ZN5Tiled13PluginManager9addObjectEP7QObject
_ZN5Tiled13PluginManager9mInstanceE
_ZN5Tiled16LoggingInterface16staticMetaObjectE
_ZN5Tiled16LoggingInterface4infoERK7QString
_ZN5Tiled16LoggingInterface5errorERK7QString
_ZN5Tiled16LoggingInterface7warningERK7QString
_ZN5Tiled16LoggingInterface8instanceEv
_ZN5Tiled17versionFromStringERK7QString
_ZN5Tiled19initializeMetatypesEv
_ZN5Tiled28increaseImageAllocationLimitEi
_ZN5Tiled7readMapERK7QStringPS0_
_ZNK5Tiled10FileFormat15hasCapabilitiesE6QFlagsINS0_10CapabilityEE
_ZTVN5Tiled10FileFormatE

tilededitor

_ZN5Tiled10MainWindow17initializeSessionEv
_ZN5Tiled10MainWindow8openFileERK7QStringPNS_10FileFormatE
_ZN5Tiled10MainWindowC1EP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN5Tiled10MainWindowD1Ev
_ZN5Tiled11Preferences12setUseOpenGLEb
_ZN5Tiled11Preferences17setStartupProjectERK7QString
_ZN5Tiled11Preferences17setStartupSessionERK7QString
_ZN5Tiled11Preferences8instanceEv
_ZN5Tiled11StyleHelper10initializeEv
_ZN5Tiled12TmxMapFormatC1EP7QObject
_ZN5Tiled13ScriptManager17ensureInitializedEv
_ZN5Tiled13ScriptManager18setScriptArgumentsERK5QListI7QStringE
_ZN5Tiled13ScriptManager24evaluateFileOrLoadModuleERK7QString
_ZN5Tiled13ScriptManager8instanceEv
_ZN5Tiled16TiledApplication15fileOpenRequestERK7QString
_ZN5Tiled16TiledApplication16staticMetaObjectE
_ZN5Tiled16TiledApplicationC1ERiPPc
_ZN5Tiled16TiledApplicationD1Ev
_ZN5Tiled16TsxTilesetFormatC1EP7QObject
_ZN5Tiled23XmlObjectTemplateFormatC1EP7QObject
_ZN5Tiled7Session10initializeEv
_ZNK5Tiled12ExportHelper13formatOptionsEv
_ZNK5Tiled12ExportHelper16prepareExportMapEPKNS_3MapERSt10unique_ptrIS1_St14default_deleteIS1_EE
_ZNK5Tiled12ExportHelper20prepareExportTilesetERK14QSharedPointerINS_7TilesetEEb
_ZTVN5Tiled12TmxMapFormatE
_ZTVN5Tiled16TsxTilesetFormatE
_ZTVN5Tiled23XmlObjectTemplateFormatE

qt6core

_Z13qErrnoWarningPKcz
_Z9qBadAllocv
_Z9qChecksum14QByteArrayViewN2Qt12ChecksumTypeE
_ZN10QArrayData10deallocateEPS_xx
_ZN10QArrayData19reallocateUnalignedEPS_PvxxNS_16AllocationOptionE
_ZN10QArrayData8allocateEPPS_xxxNS_16AllocationOptionE
_ZN10QByteArray11reallocDataExN10QArrayData16AllocationOptionE
_ZN10QByteArray6_emptyE
_ZN10QByteArray6resizeEx
_ZN10QJsonArray14fromStringListERK5QListI7QStringE
_ZN10QJsonArrayD1Ev
_ZN11QDataStream10writeBytesEPKcj
_ZN11QDataStream11readRawDataEPci
_ZN11QDataStreamC1EP9QIODevice
_ZN11QDataStreamD1Ev
_ZN11QDataStreamlsEb
_ZN11QDataStreamlsEi
_ZN11QDataStreamrsERb
_ZN11QDataStreamrsERi
_ZN11QFileDevice12readLineDataEPcx
_ZN11QFileDevice4seekEx
_ZN11QFileDevice5closeEv
_ZN11QFileDevice8readDataEPcx
_ZN11QFileDevice9writeDataEPKcx
_ZN11QMetaObject10ConnectionD1Ev
_ZN11QMetaObject8activateEP7QObjectPKS_iPPv
_ZN11QTextStreamC1EP6_iobuf6QFlagsIN13QIODeviceBase12OpenModeFlagEE
_ZN11QTextStreamD1Ev
_ZN11QTextStreamlsEPKc
_ZN11QTextStreamlsERK7QString
_ZN11QTextStreamlsEc
_ZN11QTextStreamlsEi
_ZN13QJsonDocumentC1ERK10QJsonArray
_ZN13QJsonDocumentD1Ev
_ZN16QCoreApplication18applicationVersionEv
_ZN16QCoreApplication19applicationFilePathEv
_ZN16QCoreApplication9argumentsEv
_ZN16QCoreApplication9translateEPKcS1_S1_i
_ZN18QRegularExpressionC1ERK7QString6QFlagsINS_13PatternOptionEE
_ZN18QRegularExpressionD1Ev
_ZN2Qt4endlER11QTextStream
_ZN4QDir8tempPathEv
_ZN4QDir9cleanPathERK7QString
_ZN4QDirC1ERK7QString
_ZN4QDirD1Ev
_ZN5QFile11qt_metacallEN11QMetaObject4CallEiPPv
_ZN5QFile11qt_metacastEPKc
_ZN5QFile11setFileNameERK7QString
_ZN5QFile14setPermissionsE6QFlagsIN11QFileDevice10PermissionEE
_ZN5QFile4openE6QFlagsIN13QIODeviceBase12OpenModeFlagEE
_ZN5QFile6resizeEx
_ZN5QFileC2ERK7QString
_ZN5QFileC2Ev
_ZN5QFileD2Ev
_ZN6QDebug9putStringEPK5QChary
_ZN6QDebugD1Ev
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10disconnectEPKS_PKcS1_S3_
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11connectImplEPKS_PPvS1_S3_PN9QtPrivate15QSlotObjectBaseEN2Qt14ConnectionTypeEPKiPK11QMetaObject
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QObject11qt_metacastEPKc
_ZN7QObject13connectNotifyERK11QMetaMethod
_ZN7QObject16disconnectNotifyERK11QMetaMethod
_ZN7QObject16staticMetaObjectE
_ZN7QObject5eventEP6QEvent
_ZN7QObject7connectEPKS_PKcS1_S3_N2Qt14ConnectionTypeE
_ZN7QObjectC2EPS_
_ZN7QObjectD2Ev
_ZN7QString10fromLatin1E14QByteArrayView
_ZN7QString13toUtf8_helperERKS_
_ZN7QString14toLower_helperERKS_
_ZN7QString14toLower_helperERS_
_ZN7QString23toLatin1_helper_inplaceERS_
_ZN7QString6_emptyE
_ZN7QString6appendE5QChar
_ZN7QString6appendERKS_
_ZN7QString6numberEii
_ZN7QString6numberEmi
_ZN7QString7replaceERK18QRegularExpressionRKS_
_ZN7QString8fromUtf8E14QByteArrayView
_ZN7QString8truncateEx
_ZN7QStringC1E5QChar
_ZN7QStringaSERKS_
_ZN8QLibrary7resolveEPKc
_ZN8QLibraryC1ERK7QStringP7QObject
_ZN8QLibraryD1Ev
_ZN9QFileInfoC1ERK11QFileDevice
_ZN9QFileInfoC1ERK7QString
_ZN9QFileInfoD1Ev
_ZN9QIODevice16waitForReadyReadEi
_ZN9QIODevice19waitForBytesWrittenEi
_ZN9QIODevice4readEx
_ZN9QIODevice5resetEv
_ZN9QIODevice5writeEPKcx
_ZN9QIODevice8skipDataEx
_ZN9QtPrivate13compareMemoryE14QByteArrayViewS0_
_ZN9QtPrivate14compareStringsE11QStringView13QLatin1StringN2Qt15CaseSensitivityE
_ZN9QtPrivate14compareStringsE11QStringViewS0_N2Qt15CaseSensitivityE
_ZN9QtPrivate16QStringList_sortEP5QListI7QStringEN2Qt15CaseSensitivityE
_ZNK11QFileDevice12isSequentialEv
_ZNK11QFileDevice3posEv
_ZNK11QFileDevice5atEndEv
_ZNK11QObjectData17dynamicMetaObjectEv
_ZNK13QJsonDocument6toJsonENS_10JsonFormatE
_ZNK14QMessageLogger4infoEPKcz
_ZNK14QMessageLogger4infoEv
_ZNK14QMessageLogger7warningEPKcz
_ZNK14QMessageLogger7warningEv
_ZNK4QDir12absolutePathEv
_ZNK5QFile10metaObjectEv
_ZNK5QFile11permissionsEv
_ZNK5QFile4sizeEv
_ZNK5QFile8fileNameEv
_ZNK7QString10startsWithE5QCharN2Qt15CaseSensitivityE
_ZNK7QString3argE5QChariS0_
_ZNK7QString3argERKS_i5QChar
_ZNK7QString3argExii5QChar
_ZNK7QString5utf16Ev
_ZNK7QString7compareERKS_N2Qt15CaseSensitivityE
_ZNK7QString7indexOfERKS_xN2Qt15CaseSensitivityE
_ZNK7QString7sectionERKS_xx6QFlagsINS_11SectionFlagEE
_ZNK9QFileInfo14completeSuffixEv
_ZNK9QFileInfo16absoluteFilePathEv
_ZNK9QFileInfo6existsEv
_ZNK9QFileInfo6suffixEv
_ZNK9QFileInfo8fileNameEv
_ZNK9QIODevice11canReadLineEv
_ZNK9QIODevice11errorStringEv
_ZNK9QIODevice12bytesToWriteEv
_ZNK9QIODevice14bytesAvailableEv
_ZNK9QIODevice6isOpenEv
_ZlsR11QDataStreamRK7QString
_ZrsR11QDataStreamR7QString
qt_version_tag_6_4

qt6gui

_ZN15QGuiApplication22applicationDisplayNameEv
_ZN15QGuiApplication35setHighDpiScaleFactorRoundingPolicyEN2Qt32HighDpiScaleFactorRoundingPolicyE
_ZN22QGuiApplicationPrivate20platform_integrationE

qt6network

_ZN12QLocalServer6listenERK7QString
_ZN12QLocalServerC1EP7QObject
_ZN12QLocalSocket15connectToServerERK7QString6QFlagsIN13QIODeviceBase12OpenModeFlagEE
_ZN12QLocalSocket16waitForConnectedEi
_ZN12QLocalSocket16waitForReadyReadEi
_ZN12QLocalSocket19waitForBytesWrittenEi
_ZN12QLocalSocket19waitForDisconnectedEi
_ZN12QLocalSocketC1EP7QObject
_ZN12QLocalSocketD1Ev
_ZNK12QLocalServer11errorStringEv
_ZNK12QLocalSocket5stateEv

qt6widgets

_ZN12QApplication11qt_metacallEN11QMetaObject4CallEiPPv
_ZN12QApplication11qt_metacastEPKc
_ZN12QApplication13compressEventEP6QEventP7QObjectP14QPostEventList
_ZN12QApplication16staticMetaObjectE
_ZN12QApplication4execEv
_ZN12QApplication5eventEP6QEvent
_ZN12QApplication6notifyEP7QObjectP6QEvent
_ZN12QApplicationC2ERiPPci
_ZN12QApplicationD2Ev
_ZN7QWidget14activateWindowEv
_ZN7QWidget14setWindowStateE6QFlagsIN2Qt11WindowStateEE
_ZN7QWidget4showEv
_ZN7QWidget5raiseEv
_ZNK7QWidget11windowStateEv

libgcc_s_seh-1

_Unwind_Resume

kernel32

AttachConsole
CloseHandle
CreateMutexW
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcessId
GetLastError
GetStartupInfoA
InitializeCriticalSection
LeaveCriticalSection
OpenMutexW
ReleaseMutex
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject

msvcrt

__C_specific_handler
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_commode
_fmode
_initterm
_onexit
abort
calloc
exit
fprintf
free
freopen_s
fwrite
malloc
memcpy
memmove
signal
strcmp
strlen
strncmp
vfprintf

libstdc++-6

_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZdlPv
_ZdlPvy
_Znwy
__cxa_guard_abort
__cxa_guard_acquire
__cxa_guard_release
__dynamic_cast
__gxx_personality_seh0

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 448B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/15
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/30
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/42
Size: 512B - Virtual size: 175B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/56
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/68
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22c8d1a7747b764a049719423913b8b1

Headers

DLL Characteristics

File Characteristics

Imports

tiled

tilededitor

qt6core

qt6gui

qt6network

qt6widgets

libgcc_s_seh-1

kernel32

msvcrt

libstdc++-6

Sections

.text Size: 54KB - Virtual size: 53KB

.data Size: 1024B - Virtual size: 832B

.rdata Size: 7KB - Virtual size: 6KB

/4 Size: 512B - Virtual size: 16B

.pdata Size: 2KB - Virtual size: 2KB

.xdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 448B

.idata Size: 15KB - Virtual size: 14KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 35KB - Virtual size: 34KB

.reloc Size: 512B - Virtual size: 452B

/15 Size: 512B - Virtual size: 80B

/30 Size: 4KB - Virtual size: 3KB

/42 Size: 512B - Virtual size: 175B

/56 Size: 512B - Virtual size: 284B

/68 Size: 512B - Virtual size: 72B

/81 Size: 512B - Virtual size: 187B

.text
Size: 54KB - Virtual size: 53KB

.data
Size: 1024B - Virtual size: 832B

.rdata
Size: 7KB - Virtual size: 6KB

/4
Size: 512B - Virtual size: 16B

.pdata
Size: 2KB - Virtual size: 2KB

.xdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 448B

.idata
Size: 15KB - Virtual size: 14KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 35KB - Virtual size: 34KB

.reloc
Size: 512B - Virtual size: 452B

/15
Size: 512B - Virtual size: 80B

/30
Size: 4KB - Virtual size: 3KB

/42
Size: 512B - Virtual size: 175B

/56
Size: 512B - Virtual size: 284B

/68
Size: 512B - Virtual size: 72B

/81
Size: 512B - Virtual size: 187B