68aa909d5ecb471266e3003509d0cc2c6494b8662adb3fb16d49437d234f8e41

Sharing

Copy URL Twitter E-mail

General

Target

68aa909d5ecb471266e3003509d0cc2c6494b8662adb3fb16d49437d234f8e41
Size

7.9MB
MD5

7619541e076938709766099e1b8cd1c1
SHA1

31339f1a4785d90a4b30fcf4704d3b43f6aa50b2
SHA256

68aa909d5ecb471266e3003509d0cc2c6494b8662adb3fb16d49437d234f8e41
SHA512

05c613a7b7fb0d05c4c8310f27ab19eeb7ae0002bfb3e03f6ead2e6152af5e41c385a1f3d99656ca845aa0a4df08da9b0ed343753208b95d2d11b682e9f8c873
SSDEEP

196608:eJN+w/nw0vwXSXwB7d4NMKMKDVn3ZJ/sjIy563v9P:eSmnwuliR4NMKMc3Ztv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68aa909d5ecb471266e3003509d0cc2c6494b8662adb3fb16d49437d234f8e41

Files

68aa909d5ecb471266e3003509d0cc2c6494b8662adb3fb16d49437d234f8e41
.exe windows x64

f02e8857f609cd8c290d880caf444777

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA

api-ms-win-core-memory-l1-1-0

VirtualAllocEx

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId

api-ms-win-core-processenvironment-l1-1-0

SetEnvironmentVariableW

api-ms-win-core-synch-l1-1-0

WaitForSingleObject

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-file-l1-1-0

GetFileAttributesW

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime

user32

wsprintfW
CharUpperBuffW

shell32

ShellExecuteW

libcurl-x64

curl_easy_cleanup

qt6core

??6QDataStream@@QEAAAEAV0@H@Z

qt6gui

??0QCursor@@QEAA@W4CursorShape@Qt@@@Z

qt6widgets

?setText@QLineEdit@@QEAAXAEBVQString@@@Z

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy

api-ms-win-crt-stdio-l1-1-0

__p__commode

api-ms-win-crt-heap-l1-1-0

malloc

api-ms-win-crt-runtime-l1-1-0

system

api-ms-win-crt-string-l1-1-0

isalnum

api-ms-win-crt-filesystem-l1-1-0

rename

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

_dsign

api-ms-win-crt-convert-l1-1-0

strtoll

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-localization-l1-2-0

FormatMessageA

api-ms-win-core-file-l1-2-2

AreFileApisANSI

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter

api-ms-win-core-file-l2-1-0

GetFileInformationByHandleEx

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

kernel32

GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

Sections

.text
Size: - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2kR
Size: - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

._~I
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.}G2
Size: 7.9MB - Virtual size: 7.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f02e8857f609cd8c290d880caf444777

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-memory-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-libraryloader-l1-2-1

api-ms-win-core-string-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-timezone-l1-1-0

user32

shell32

libcurl-x64

qt6core

qt6gui

qt6widgets

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-file-l1-2-2

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-file-l2-1-0

api-ms-win-core-file-l2-1-2

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-debug-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-interlocked-l1-1-0

kernel32

Sections

.text Size: - Virtual size: 219KB

.rdata Size: - Virtual size: 81KB

.data Size: - Virtual size: 7KB

.pdata Size: - Virtual size: 9KB

.2kR Size: - Virtual size: 5.5MB

._~I Size: 6KB - Virtual size: 5KB

.}G2 Size: 7.9MB - Virtual size: 7.9MB

.reloc Size: 512B - Virtual size: 180B

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: - Virtual size: 219KB

.rdata
Size: - Virtual size: 81KB

.data
Size: - Virtual size: 7KB

.pdata
Size: - Virtual size: 9KB

.2kR
Size: - Virtual size: 5.5MB

._~I
Size: 6KB - Virtual size: 5KB

.}G2
Size: 7.9MB - Virtual size: 7.9MB

.reloc
Size: 512B - Virtual size: 180B

.rsrc
Size: 5KB - Virtual size: 4KB