7e239b48f75aa4710d6bc06e26156ee89b928a5c9b417a5f2404733d8b611a2e

Sharing

Copy URL Twitter E-mail

General

Target

7e239b48f75aa4710d6bc06e26156ee89b928a5c9b417a5f2404733d8b611a2e
Size

188KB
MD5

b6e2696e5193f93cbf3d3339de513eb5
SHA1

9653bedf1ac8a5795b2243ee5896f29cea630377
SHA256

7e239b48f75aa4710d6bc06e26156ee89b928a5c9b417a5f2404733d8b611a2e
SHA512

faaade4a06e7cc9820b96ae11cfe3489398acefad79d6abe336b965a3da13763806fc99abd976dc3c00375f4592b61361d60362631682e102cbd58d97d3cc0e3
SSDEEP

3072:qL0G5KzNLphh1B7LEhKWSB0Ehg2sKtNpjaolkt/:tGoNLphxMDOsKtXaolkt/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e239b48f75aa4710d6bc06e26156ee89b928a5c9b417a5f2404733d8b611a2e

Files

7e239b48f75aa4710d6bc06e26156ee89b928a5c9b417a5f2404733d8b611a2e
.exe windows x64

43755a6d70ba314b3bcdc4385ce9410c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

jy_base

?initGlobalStyle@WindowManager@JYX_SC_Space@@QEAAXXZ
?readLastLoginInfoIni@WindowManager@JYX_SC_Space@@QEAAXXZ
?loadSettingSystemAll@WindowManager@JYX_SC_Space@@QEAAXXZ
?detectHDSNInfo1@WindowManager@JYX_SC_Space@@QEAA_NXZ
?detectCDiskInfo@WindowManager@JYX_SC_Space@@QEAA_NXZ
?resetHDSerial@WindowManager@JYX_SC_Space@@QEAAXXZ
?getSettingSytemIniFilePath@WindowManager@JYX_SC_Space@@SA?AVQString@@XZ
?initAutoLock@WindowManager@JYX_SC_Space@@QEAAXH@Z
?initLoginDlg@WindowManager@JYX_SC_Space@@QEAAXW4ApiType@2@_N@Z
?initMainWindow@WindowManager@JYX_SC_Space@@QEAAXW4ApiType@2@H_N@Z
?setMyDllDirectorySubModule@WindowManager@JYX_SC_Space@@QEAAXXZ
?instance@UserDataManager@JYX_SC_Space@@SAPEAV12@XZ
?deleteInstance@UserDataManager@JYX_SC_Space@@SAXXZ
??0MySplashScreen@@QEAA@AEBVQPixmap@@@Z
??1MySplashScreen@@UEAA@XZ
?getUDID@loginDlg@JYX_SC_Space@@QEAAHXZ
?metaObject@MySplashScreen@@UEBAPEBUQMetaObject@@XZ
?qt_metacall@MySplashScreen@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@MySplashScreen@@UEAAPEAXPEBD@Z
gWM
gIsPostAutoUpdate
?setMyDllDirectory@WindowManager@JYX_SC_Space@@QEAAXVQString@@@Z
?deleteLoginDlg@WindowManager@JYX_SC_Space@@QEAAXXZ
?initSpdLogGeneral@WindowManager@JYX_SC_Space@@QEAAXXZ
?instance@WindowManager@JYX_SC_Space@@SAPEAV12@XZ

kernel32

GetCurrentThreadId
GetCurrentProcess
RtlCaptureContext
CloseHandle
CreateFileW
LoadLibraryA
GetCurrentProcessId
SetUnhandledExceptionFilter
WideCharToMultiByte
LocalFree
GetCommandLineW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

qt5widgets

?wheelEvent@QWidget@@MEAAXPEAVQWheelEvent@@@Z
?tabletEvent@QWidget@@MEAAXPEAVQTabletEvent@@@Z
?sizeHint@QWidget@@UEBA?AVQSize@@XZ
?showEvent@QWidget@@MEAAXPEAVQShowEvent@@@Z
?sharedPainter@QWidget@@MEBAPEAVQPainter@@XZ
?setVisible@QWidget@@UEAAX_N@Z
?resizeEvent@QWidget@@MEAAXPEAVQResizeEvent@@@Z
?redirected@QWidget@@MEBAPEAVQPaintDevice@@PEAVQPoint@@@Z
?paintEvent@QWidget@@MEAAXPEAVQPaintEvent@@@Z
?paintEngine@QWidget@@UEBAPEAVQPaintEngine@@XZ
?nativeEvent@QWidget@@MEAA_NAEBVQByteArray@@PEAXPEAJ@Z
?moveEvent@QWidget@@MEAAXPEAVQMoveEvent@@@Z
?mouseReleaseEvent@QWidget@@MEAAXPEAVQMouseEvent@@@Z
?mousePressEvent@QSplashScreen@@MEAAXPEAVQMouseEvent@@@Z
?mouseMoveEvent@QWidget@@MEAAXPEAVQMouseEvent@@@Z
?mouseDoubleClickEvent@QWidget@@MEAAXPEAVQMouseEvent@@@Z
?minimumSizeHint@QWidget@@UEBA?AVQSize@@XZ
?setStandardButtons@QMessageBox@@QEAAXV?$QFlags@W4StandardButton@QMessageBox@@@@@Z
?leaveEvent@QWidget@@MEAAXPEAVQEvent@@@Z
?keyReleaseEvent@QWidget@@MEAAXPEAVQKeyEvent@@@Z
?keyPressEvent@QWidget@@MEAAXPEAVQKeyEvent@@@Z
?inputMethodQuery@QWidget@@UEBA?AVQVariant@@W4InputMethodQuery@Qt@@@Z
?inputMethodEvent@QWidget@@MEAAXPEAVQInputMethodEvent@@@Z
?initPainter@QWidget@@MEBAXPEAVQPainter@@@Z
?hideEvent@QWidget@@MEAAXPEAVQHideEvent@@@Z
?heightForWidth@QWidget@@UEBAHH@Z
?hasHeightForWidth@QWidget@@UEBA_NXZ
?focusOutEvent@QWidget@@MEAAXPEAVQFocusEvent@@@Z
?focusNextPrevChild@QWidget@@MEAA_N_N@Z
?focusInEvent@QWidget@@MEAAXPEAVQFocusEvent@@@Z
?event@QSplashScreen@@MEAA_NPEAVQEvent@@@Z
?enterEvent@QWidget@@MEAAXPEAVQEvent@@@Z
?dropEvent@QWidget@@MEAAXPEAVQDropEvent@@@Z
?drawContents@QSplashScreen@@MEAAXPEAVQPainter@@@Z
?dragMoveEvent@QWidget@@MEAAXPEAVQDragMoveEvent@@@Z
?dragLeaveEvent@QWidget@@MEAAXPEAVQDragLeaveEvent@@@Z
?dragEnterEvent@QWidget@@MEAAXPEAVQDragEnterEvent@@@Z
?devType@QWidget@@UEBAHXZ
?metric@QWidget@@MEBAHW4PaintDeviceMetric@QPaintDevice@@@Z
?contextMenuEvent@QWidget@@MEAAXPEAVQContextMenuEvent@@@Z
?closeEvent@QWidget@@MEAAXPEAVQCloseEvent@@@Z
?changeEvent@QWidget@@MEAAXPEAVQEvent@@@Z
?actionEvent@QWidget@@MEAAXPEAVQActionEvent@@@Z
?create@QStyleFactory@@SAPEAVQStyle@@AEBVQString@@@Z
?screenGeometry@QDesktopWidget@@QEBA?BVQRect@@H@Z
?finish@QSplashScreen@@QEAAXPEAVQWidget@@@Z
?setButtonText@QMessageBox@@QEAAXHAEBVQString@@@Z
??1QMessageBox@@UEAA@XZ
??0QApplication@@QEAA@AEAHPEAPEADH@Z
??1QApplication@@UEAA@XZ
?setStyle@QApplication@@SAXPEAVQStyle@@@Z
?desktop@QApplication@@SAPEAVQDesktopWidget@@XZ
?exec@QApplication@@SAHXZ
?width@QWidget@@QEBAHXZ
?height@QWidget@@QEBAHXZ
?show@QWidget@@QEAAXXZ
?setGeometry@QWidget@@QEAAXHHHH@Z
??0QMessageBox@@QEAA@W4Icon@0@AEBVQString@@1V?$QFlags@W4StandardButton@QMessageBox@@@@PEAVQWidget@@V?$QFlags@W4WindowType@Qt@@@@@Z
?setWindowFlag@QWidget@@QEAAXW4WindowType@Qt@@_N@Z
?exec@QDialog@@UEAAHXZ
?critical@QMessageBox@@SA?AW4StandardButton@1@PEAVQWidget@@AEBVQString@@1V?$QFlags@W4StandardButton@QMessageBox@@@@W421@@Z

qt5gui

??0QPixmap@@QEAA@AEBVQString@@PEBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
??1QPixmap@@UEAA@XZ

qt5core

?qResourceFeatureZlib@@YAEXZ
?qUnregisterResourceData@@YA_NHPEBE00@Z
?qRegisterResourceData@@YA_NHPEBE00@Z
?shared_null@QListData@@2UData@1@B
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?attach@QSharedMemory@@QEAA_NW4AccessMode@1@@Z
?create@QSharedMemory@@QEAA_NHW4AccessMode@1@@Z
?setKey@QSharedMemory@@QEAAXAEBVQString@@@Z
??1QSharedMemory@@UEAA@XZ
??0QSharedMemory@@QEAA@AEBVQString@@PEAVQObject@@@Z
?setIniCodec@QSettings@@QEAAXPEBD@Z
?value@QSettings@@QEBA?AVQVariant@@AEBVQString@@AEBV2@@Z
?endGroup@QSettings@@QEAAXXZ
?beginGroup@QSettings@@QEAAXAEBVQString@@@Z
??1QSettings@@UEAA@XZ
??0QSettings@@QEAA@AEBVQString@@W4Format@0@PEAVQObject@@@Z
?startDetached@QProcess@@SA_NAEBVQString@@AEBVQStringList@@@Z
?readAllStandardOutput@QProcess@@QEAA?AVQByteArray@@XZ
?waitForFinished@QProcess@@QEAA_NH@Z
?start@QProcess@@QEAAXAEBVQString@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?start@QProcess@@QEAAXAEBVQString@@AEBVQStringList@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??1QProcess@@UEAA@XZ
??0QProcess@@QEAA@PEAVQObject@@@Z
??6QDebug@@QEAAAEAV0@AEBVQString@@@Z
??6QDebug@@QEAAAEAV0@PEBD@Z
??1QDebug@@QEAA@XZ
?exists@QDir@@QEBA_NAEBVQString@@@Z
?mkpath@QDir@@QEBA_NAEBVQString@@@Z
??0QDir@@QEAA@AEBVQString@@@Z
?currentDateTime@QDateTime@@SA?AV1@XZ
?toString@QDateTime@@QEBA?AVQString@@AEBV2@@Z
??1QDateTime@@QEAA@XZ
?height@QRect@@QEBAHXZ
?width@QRect@@QEBAHXZ
?toBool@QVariant@@QEBA_NXZ
??0QVariant@@QEAA@_N@Z
??1QVariant@@QEAA@XZ
??0QMessageLogger@@QEAA@PEBDH0@Z
?debug@QMessageLogger@@QEBA?AVQDebug@@XZ
??0QChar@@QEAA@UQLatin1Char@@@Z
??1QByteArray@@QEAA@XZ
??0QString@@QEAA@XZ
??0QString@@QEAA@AEBV0@@Z
??1QString@@QEAA@XZ
?arg@QString@@QEBA?AV1@AEBV1@HVQChar@@@Z
?indexOf@QString@@QEBAHAEBV1@HW4CaseSensitivity@Qt@@@Z
?toLower@QString@@QEGBA?AV1@XZ
?append@QString@@QEAAAEAV1@AEBV1@@Z
?utf16@QString@@QEBAPEBGXZ
?fromUtf8@QString@@SA?AV1@PEBDH@Z
?number@QString@@SA?AV1@KH@Z
?number@QString@@SA?AV1@_KH@Z
??0QString@@QEAA@AEBVQByteArray@@@Z
?fromStdString@QString@@SA?AV1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?fromAscii_helper@QString@@CAPEAU?$QTypedArrayData@G@@PEBDH@Z
?detach@QListData@@QEAAPEAUData@1@H@Z
?detach_grow@QListData@@QEAAPEAUData@1@PEAHH@Z
?realloc@QListData@@QEAAXH@Z
?dispose@QListData@@QEAAXXZ
?dispose@QListData@@SAXPEAUData@1@@Z
?append@QListData@@QEAAPEAPEAXXZ
?begin@QListData@@QEBAPEAPEAXXZ
?end@QListData@@QEBAPEAPEAXXZ
?tr@QObject@@SA?AVQString@@PEBD0H@Z
?instance@QCoreApplication@@SAPEAV1@XZ
?applicationDirPath@QCoreApplication@@SA?AVQString@@XZ
?applicationFilePath@QCoreApplication@@SA?AVQString@@XZ

msvcp140

?_Xbad_alloc@std@@YAXXZ
?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
_Mbrtowc
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

dbghelp

MiniDumpWriteDump

vcruntime140

memcmp
memset
__std_terminate
__current_exception
__current_exception_context
__C_specific_handler
__std_type_info_destroy_list
memcpy
_CxxThrowException
__std_exception_destroy
__std_exception_copy
memmove

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_seh_filter_dll
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
exit
_initterm
_initterm_e
terminate
_c_exit
_set_app_type
_seh_filter_exe
_cexit
_crt_at_quick_exit
_get_narrow_winmain_command_line
_crt_atexit
_execute_onexit_table
_register_onexit_function
_exit
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-convert-l1-1-0

wcstombs
mbstowcs

api-ms-win-crt-locale-l1-1-0

setlocale
_configthreadlocale

api-ms-win-crt-heap-l1-1-0

calloc
_callnewh
malloc
free
_set_new_mode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

shell32

CommandLineToArgvW

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43755a6d70ba314b3bcdc4385ce9410c

Headers

DLL Characteristics

File Characteristics

Imports

jy_base

kernel32

advapi32

qt5widgets

qt5gui

qt5core

msvcp140

dbghelp

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

shell32

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 107KB - Virtual size: 107KB

.data Size: 1KB - Virtual size: 3KB

.pdata Size: 2KB - Virtual size: 2KB

.idata Size: 18KB - Virtual size: 18KB

.00cfg Size: 512B - Virtual size: 337B

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 992B

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 107KB - Virtual size: 107KB

.data
Size: 1KB - Virtual size: 3KB

.pdata
Size: 2KB - Virtual size: 2KB

.idata
Size: 18KB - Virtual size: 18KB

.00cfg
Size: 512B - Virtual size: 337B

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 992B