7a71caa45ab82c4b6541e3658ea317420e8fc45a3ca6aed2b264fce6f45c13c5

Sharing

Copy URL Twitter E-mail

General

Target

7a71caa45ab82c4b6541e3658ea317420e8fc45a3ca6aed2b264fce6f45c13c5
Size

178KB
MD5

f6d2a6c266f9f791f675420d2bf50d84
SHA1

882c5d182f3a08661f690e840d43ee31bc4870dd
SHA256

7a71caa45ab82c4b6541e3658ea317420e8fc45a3ca6aed2b264fce6f45c13c5
SHA512

5d5af15ecb3ae1ecaa26c7c6329a0c8cc0de4b6a53e37359ced89d418c59b97b9172ef6057f47ccc2060e7727a5191ebfa9a0279b2706fb23e7bf9144a9a84d5
SSDEEP

1536:Mg1PmqLykJ3H8GmuoOBeiiXpQNNSwBnkiD9Bfx:X1PBJ3H5muoOBehI3BnkiZBJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a71caa45ab82c4b6541e3658ea317420e8fc45a3ca6aed2b264fce6f45c13c5

Files

7a71caa45ab82c4b6541e3658ea317420e8fc45a3ca6aed2b264fce6f45c13c5
.dll regsvr32 windows x86

45bc2ac9fdeadafa9f4c0b414357f45b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHChangeNotify

qt5core

?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?fromStdWString@QString@@SA?AV1@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??0QFileInfo@@QAE@ABVQString@@@Z
?shared_null@QListData@@2UData@1@B
??1QString@@QAE@XZ
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?append@QListData@@QAEPAPAXXZ
??1QFileInfo@@QAE@XZ
??1QDir@@QAE@XZ
?setLibraryPaths@QCoreApplication@@SAXABVQStringList@@@Z
?absolutePath@QDir@@QBE?AVQString@@XZ
?dir@QFileInfo@@QBE?AVQDir@@XZ
?dispose@QListData@@SAXPAUData@1@@Z
??0QString@@QAE@ABV0@@Z
??1QByteArray@@QAE@XZ
??0QByteArray@@QAE@PBDH@Z
?detach@QListData@@QAEPAUData@1@H@Z

qt5svg

?defaultSize@QSvgRenderer@@QBE?AVQSize@@XZ
??1QSvgRenderer@@UAE@XZ
?isValid@QSvgRenderer@@QBE_NXZ
??0QSvgRenderer@@QAE@ABVQByteArray@@PAVQObject@@@Z
?render@QSvgRenderer@@QAEXPAVQPainter@@ABVQRectF@@@Z

qt5widgets

?notify@QApplication@@UAE_NPAVQObject@@PAVQEvent@@@Z
?metaObject@QApplication@@UBEPBUQMetaObject@@XZ
?qt_metacast@QApplication@@UAEPAXPBD@Z
?compressEvent@QApplication@@MAE_NPAVQEvent@@PAVQObject@@PAVQPostEventList@@@Z
?event@QApplication@@MAE_NPAVQEvent@@@Z
??1QApplication@@UAE@XZ
??0QApplication@@QAE@AAHPAPADH@Z
?qt_metacall@QApplication@@UAEHW4Call@QMetaObject@@HPAPAX@Z

qt5winextras

?toHBITMAP@QtWin@@YAPAUHBITMAP__@@ABVQPixmap@@W4HBitmapFormat@1@@Z

qt5gui

?end@QPainter@@QAE_NXZ
?setRenderHints@QPainter@@QAEXV?$QFlags@W4RenderHint@QPainter@@@@_N@Z
??1QPixmap@@UAE@XZ
??1QPainter@@QAE@XZ
??1QImage@@UAE@XZ
??0QPainter@@QAE@PAVQPaintDevice@@@Z
?fill@QImage@@QAEXW4GlobalColor@Qt@@@Z
??0QImage@@QAE@ABVQSize@@W4Format@0@@Z
?fromImage@QPixmap@@SA?AV1@ABVQImage@@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
SetUnhandledExceptionFilter
InterlockedExchange
DecodePointer
EncodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
DisableThreadLibraryCalls
GetModuleFileNameW
GetLastError
InterlockedDecrement
InterlockedIncrement
lstrlenW

advapi32

RegSetValueExW
RegCreateKeyW
RegQueryValueExW
RegDeleteKeyValueW
RegOpenKeyExW
RegDeleteTreeW
RegCloseKey

ole32

StringFromGUID2

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

msvcr100

_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_onexit
_malloc_crt
??_V@YAXPAX@Z
swprintf_s
memset
__CxxFrameHandler3
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
memmove
memcpy
?what@exception@std@@UBEPBDXZ
_except_handler4_common
free

shlwapi

ord219

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45bc2ac9fdeadafa9f4c0b414357f45b

Headers

DLL Characteristics

File Characteristics

Imports

shell32

qt5core

qt5svg

qt5widgets

qt5winextras

qt5gui

kernel32

advapi32

ole32

msvcp100

msvcr100

shlwapi

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 152KB - Virtual size: 152KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 152KB - Virtual size: 152KB

.reloc
Size: 2KB - Virtual size: 1KB