b1df98658b82ecd6d29f832d15ba6efd463a400361bf74970dd9fe32988797b3

Sharing

Copy URL Twitter E-mail

General

Target

b1df98658b82ecd6d29f832d15ba6efd463a400361bf74970dd9fe32988797b3
Size

4.0MB
MD5

746ad51a6510b96ba06110205d1e35b4
SHA1

5eef68d4e8c96632bfdaa93f6a202b11aa198c50
SHA256

b1df98658b82ecd6d29f832d15ba6efd463a400361bf74970dd9fe32988797b3
SHA512

51f6cd4bffee60c8a061914a6e2c0a9fdb86ab75618d6def1787826c1386e07e3514f7ce2344f31faf00e3beba39d7b03074c4daca9b9800ff44e904364a9f60
SSDEEP

98304:wo6FSZvboo/sujof5VQGYMiIsF/qWxtsXCR20LqyT9Ph:r60xUujoPrYsJWxjLqu9J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1df98658b82ecd6d29f832d15ba6efd463a400361bf74970dd9fe32988797b3

Files

b1df98658b82ecd6d29f832d15ba6efd463a400361bf74970dd9fe32988797b3
.exe windows:5 windows x86

cc1b029c384552dcb53f50aea62df768

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

qt5core

?currentDateTime@QDateTime@@SA?AV1@XZ

qt5gui

?setApplicationDisplayName@QGuiApplication@@SAXABVQString@@@Z

qt5widgets

?event@QWidget@@MAE_NPAVQEvent@@@Z

qt5webkitwidgets

?dragLeaveEvent@QWebView@@MAEXPAVQDragLeaveEvent@@@Z

qt5network

??1QSslConfiguration@@QAE@XZ

kernel32

GetVersionExW
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

FindWindowExW

shell32

ShellExecuteExW

msvcp110

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

msvcr110

_beginthreadex

jjdps

JJDPSInit

tklobbytoolkit

?Instance@CTKStatHelper@@SAAAV1@XZ

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.79p
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pUl
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c:)
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc1b029c384552dcb53f50aea62df768

Headers

DLL Characteristics

File Characteristics

Imports

qt5core

qt5gui

qt5widgets

qt5webkitwidgets

qt5network

kernel32

user32

shell32

msvcp110

msvcr110

jjdps

tklobbytoolkit

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 1KB - Virtual size: 2KB

.79p Size: 1.7MB - Virtual size: 1.7MB

.pUl Size: 2KB - Virtual size: 2KB

.c:) Size: 2.2MB - Virtual size: 2.2MB

.reloc Size: 10KB - Virtual size: 10KB

.rsrc Size: 73KB - Virtual size: 72KB

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 1KB - Virtual size: 2KB

.79p
Size: 1.7MB - Virtual size: 1.7MB

.pUl
Size: 2KB - Virtual size: 2KB

.c:)
Size: 2.2MB - Virtual size: 2.2MB

.reloc
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 73KB - Virtual size: 72KB