43880fc600c342beea10765a4f69fcf65e6b4173a810d560e95b15ca2b6a76cd

Sharing

Copy URL Twitter E-mail

General

Target

43880fc600c342beea10765a4f69fcf65e6b4173a810d560e95b15ca2b6a76cd
Size

626KB
MD5

905f53ed23edce390356c1981a29666d
SHA1

a75bfc7b26f433ff0c2445830150ef2083b3b5c0
SHA256

43880fc600c342beea10765a4f69fcf65e6b4173a810d560e95b15ca2b6a76cd
SHA512

455ae7c261f5aa626bb8894e951a9271a60aba7aa8bb780b4df11d1553c606cd0821cac825cb831c3afff1643ee0acccc69d20563da339295424d7aae9a6e1cd
SSDEEP

12288:xEH2Lvc2slETfuhqTNhi32cQXHqv3XTOFDFNux40LTDF80Or+rS:S8ulETfuhGu2JXiXKFgPTZ3OmS

Score

1^/10

Malware Config

Signatures

Files

43880fc600c342beea10765a4f69fcf65e6b4173a810d560e95b15ca2b6a76cd
.exe windows:4 windows x86

85fcb514582f8ed1189004d8ca2b0f1b

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:f8:2e:c9:b2:e8:50:70:37:3f:2c:f3:8a:83:e1:cc
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

03/03/2021, 00:00

Not After

07/03/2024, 23:59

Subject

SERIALNUMBER=913101130712166500,CN=Shanghai Hudun Information Technology Co.\, Ltd.,O=Shanghai Hudun Information Technology Co.\, Ltd.,ST=上海市,C=CN,1.3.6.1.4.1.311.60.2.1.1=#0c09e5ae9de5b1b1e58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:f8:2e:c9:b2:e8:50:70:37:3f:2c:f3:8a:83:e1:cc
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

03/03/2021, 00:00

Not After

07/03/2024, 23:59

Subject

SERIALNUMBER=913101130712166500,CN=Shanghai Hudun Information Technology Co.\, Ltd.,O=Shanghai Hudun Information Technology Co.\, Ltd.,ST=上海市,C=CN,1.3.6.1.4.1.311.60.2.1.1=#0c09e5ae9de5b1b1e58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3f:44:0d:bb:65:6e:d8:fb:57:14:44:3b:6f:f7:7d:f3:e9:90:20:de:c9:f2:80:c9:6e:da:3c:18:16:13:c5:0b
Signer

Actual PE Digest

3f:44:0d:bb:65:6e:d8:fb:57:14:44:3b:6f:f7:7d:f3:e9:90:20:de:c9:f2:80:c9:6e:da:3c:18:16:13:c5:0b

Digest Algorithm

sha256

PE Digest Matches

false

08:2a:86:8f:61:1e:e5:11:80:09:c3:bd:cc:44:a0:c9:4e:57:4e:8d
Signer

Actual PE Digest

08:2a:86:8f:61:1e:e5:11:80:09:c3:bd:cc:44:a0:c9:4e:57:4e:8d

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libcurl

curl_easy_cleanup
curl_easy_init
curl_easy_setopt
curl_multi_add_handle
curl_multi_cleanup
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_slist_append

qt5core

_Z21qRegisterResourceDataiPKhS0_S0_
_Z23qUnregisterResourceDataiPKhS0_S0_
_Z4endlR11QTextStream
_Z7qputenvPKcRK10QByteArray
_Z9qBadAllocv
_ZN10QArrayData10deallocateEPS_jj
_ZN10QArrayData11shared_nullE
_ZN10QArrayData8allocateEjjj6QFlagsINS_16AllocationOptionEE
_ZN10QByteArray11reallocDataEj6QFlagsIN10QArrayData16AllocationOptionEE
_ZN10QByteArrayC1EPKci
_ZN10QJsonArrayD1Ev
_ZN10QJsonValueD1Ev
_ZN10QTextCodec12codecForNameERK10QByteArray
_ZN11QJsonObject4takeERK7QString
_ZN11QJsonObjectD1Ev
_ZN11QMetaObject10ConnectionD1Ev
_ZN11QMetaObject14normalizedTypeEPKc
_ZN11QMetaObject18connectSlotsByNameEP7QObject
_ZN11QMetaObject8activateEP7QObjectPKS_iPPv
_ZN11QTextStreamlsEPKc
_ZN11QTextStreamlsERK7QString
_ZN11QTextStreamlsEc
_ZN11QTextStreamlsEd
_ZN11QTextStreamlsEi
_ZN11QTextStreamlsEj
_ZN11QTextStreamlsEl
_ZN11QTextStreamlsEt
_ZN13QJsonDocument8fromJsonERK10QByteArrayP15QJsonParseError
_ZN13QJsonDocumentD1Ev
_ZN14QStandardPaths16writableLocationENS_16StandardLocationE
_ZN16QCoreApplication12setAttributeEN2Qt20ApplicationAttributeEb
_ZN16QCoreApplication4exitEi
_ZN16QCoreApplication4selfE
_ZN16QCoreApplication9translateEPKcS1_S1_i
_ZN4QDir8tempPathEv
_ZN4QDirC1ERK7QString
_ZN4QDirD1Ev
_ZN4QUrlC1ERK7QStringNS_11ParsingModeE
_ZN4QUrlC1ERKS_
_ZN4QUrlD1Ev
_ZN5QDate11currentDateEv
_ZN6QDebug9putStringEPK5QCharj
_ZN6QDebugD1Ev
_ZN6QTimer11setIntervalEi
_ZN6QTimer16staticMetaObjectE
_ZN6QTimer4stopEv
_ZN6QTimer5startEi
_ZN6QTimer5startEv
_ZN6QTimer7timeoutENS_14QPrivateSignalE
_ZN6QTimerC1EP7QObject
_ZN6QTimerD1Ev
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11connectImplEPKS_PPvS1_S3_PN9QtPrivate15QSlotObjectBaseEN2Qt14ConnectionTypeEPKiPK11QMetaObject
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QObject11qt_metacastEPKc
_ZN7QObject13connectNotifyERK11QMetaMethod
_ZN7QObject13setObjectNameERK7QString
_ZN7QObject16disconnectNotifyERK11QMetaMethod
_ZN7QObject16staticMetaObjectE
_ZN7QObject5eventEP6QEvent
_ZN7QObjectC2EPS_
_ZN7QObjectD2Ev
_ZN7QString13toUtf8_helperERKS_
_ZN7QString14compare_helperEPK5QChariPKciN2Qt15CaseSensitivityE
_ZN7QString15fromUtf8_helperEPKci
_ZN7QString16fromAscii_helperEPKci
_ZN7QString6appendERKS_
_ZN7QString6numberEii
_ZN7QString7replaceERKS_S1_N2Qt15CaseSensitivityE
_ZN7QString9fromUtf16EPKti
_ZN7QStringaSERKS_
_ZN8QSysInfo11productTypeEv
_ZN8QSysInfo14productVersionEv
_ZN8QVariantC1ERK5QRect
_ZN8QVariantC1ERK7QString
_ZN8QVariantD1Ev
_ZN9QHashData11free_helperEPFvPNS_4NodeEE
_ZN9QHashData11shared_nullE
_ZN9QHashData12allocateNodeEi
_ZN9QHashData13detach_helperEPFvPNS_4NodeEPvEPFvS1_Eii
_ZN9QHashData6rehashEi
_ZN9QHashData8freeNodeEPv
_ZN9QHashData8nextNodeEPNS_4NodeE
_ZN9QListData11shared_nullE
_ZN9QListData7disposeEPNS_4DataE
_ZN9QLockFile7tryLockEi
_ZN9QLockFileC1ERK7QString
_ZN9QLockFileD1Ev
_ZN9QMetaType22registerNormalizedTypeERK10QByteArrayPFvPvEPFS3_S3_PKvEi6QFlagsINS_8TypeFlagEEPK11QMetaObject
_ZN9QSettings11setIniCodecEP10QTextCodec
_ZN9QSettings8setValueERK7QStringRK8QVariant
_ZN9QSettingsC1ERK7QStringNS_6FormatEP7QObject
_ZN9QSettingsD1Ev
_ZNK10QJsonArray2atEi
_ZNK10QJsonArray4sizeEv
_ZNK10QJsonValue5toIntEi
_ZNK10QJsonValue7toArrayEv
_ZNK10QJsonValue8toObjectEv
_ZNK10QJsonValue8toStringEv
_ZNK11QJsonObject5valueERK7QString
_ZNK11QJsonObject8containsERK7QString
_ZNK11QObjectData17dynamicMetaObjectEv
_ZNK13QJsonDocument6isNullEv
_ZNK13QJsonDocument6objectEv
_ZNK13QJsonDocument8isObjectEv
_ZNK14QMessageLogger5debugEv
_ZNK4QDir16absoluteFilePathERK7QString
_ZNK4QUrl8toStringE12QUrlTwoFlagsINS_19UrlFormattingOptionENS_25ComponentFormattingOptionEE
_ZNK5QDate8toStringERK7QString
_ZNK7QObject10objectNameEv
_ZNK7QString3argExii5QChar
_ZNK7QString5splitERKS_NS_13SplitBehaviorEN2Qt15CaseSensitivityE
_ZNK7QString5toIntEPbi
_ZNK7QString6toUcs4Ev
_ZNK8QVariant8toStringEv
_ZNK9QLockFile8isLockedEv
_ZNK9QSettings5valueERK7QStringRK8QVariant
_ZeqRK7QStringS1_
_Zls6QDebugRK4QUrl

qt5gui

_ZN16QDesktopServices7openUrlERK4QUrl
_ZN5QIconC1ERK7QString
_ZN5QIconD1Ev
_ZN6QColorC1EN2Qt11GlobalColorE
_ZN6QImageC1EPhiiNS_6FormatEPFvPvES2_
_ZN6QImageD1Ev
_ZN7QCursorC1EN2Qt11CursorShapeE
_ZN7QCursorD1Ev
_ZN7QPixmapC1Ev
_ZN7QPixmapD1Ev
_ZN8QPainter17setBackgroundModeEN2Qt6BGModeE
_ZN8QPainter3endEv
_ZN8QPainter9drawImageERK7QPointFRK6QImage
_ZN8QPainterC1EP12QPaintDevice
_ZN8QPainterD1Ev
_ZNK15QGuiApplication16devicePixelRatioEv
_ZNK9QKeyEvent9modifiersEv

qt5widgets

_ZN10QBoxLayout10setSpacingEi
_ZN10QBoxLayout9addWidgetEP7QWidgeti6QFlagsIN2Qt13AlignmentFlagEE
_ZN11QGridLayout10setSpacingEi
_ZN11QGridLayout9addWidgetEP7QWidgetiiii6QFlagsIN2Qt13AlignmentFlagEE
_ZN11QGridLayoutC1EP7QWidget
_ZN11QHBoxLayoutC1EP7QWidget
_ZN11QPushButtonC1EP7QWidget
_ZN11QVBoxLayoutC1EP7QWidget
_ZN12QApplication17startDragDistanceEv
_ZN12QApplicationC1ERiPPci
_ZN12QApplicationD1Ev
_ZN12QStyleOption4initEPK7QWidget
_ZN12QStyleOptionC1Eii
_ZN12QStyleOptionD1Ev
_ZN15QAbstractButton11setIconSizeERK5QSize
_ZN15QAbstractButton16staticMetaObjectE
_ZN15QAbstractButton7clickedEb
_ZN15QAbstractButton7setIconERK5QIcon
_ZN15QAbstractButton7setTextERK7QString
_ZN25QGraphicsDropShadowEffect13setBlurRadiusEd
_ZN25QGraphicsDropShadowEffect8setColorERK6QColor
_ZN25QGraphicsDropShadowEffect9setOffsetERK7QPointF
_ZN25QGraphicsDropShadowEffectC1EP7QObject
_ZN6QLabel11setWordWrapEb
_ZN6QLabel12setAlignmentE6QFlagsIN2Qt13AlignmentFlagEE
_ZN6QLabel7setTextERK7QString
_ZN6QLabelC1EP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN7QDialog10closeEventEP11QCloseEvent
_ZN7QDialog10setVisibleEb
_ZN7QDialog11eventFilterEP7QObjectP6QEvent
_ZN7QDialog11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QDialog11qt_metacastEPKc
_ZN7QDialog11resizeEventEP12QResizeEvent
_ZN7QDialog13keyPressEventEP9QKeyEvent
_ZN7QDialog16contextMenuEventEP17QContextMenuEvent
_ZN7QDialog16staticMetaObjectE
_ZN7QDialog4doneEi
_ZN7QDialog4execEv
_ZN7QDialog4openEv
_ZN7QDialog6acceptEv
_ZN7QDialog6rejectEv
_ZN7QDialog9showEventEP10QShowEvent
_ZN7QDialogC2EP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN7QDialogD2Ev
_ZN7QLayout18setContentsMarginsEiiii
_ZN7QLayout9setMarginEi
_ZN7QWidget10closeEventEP11QCloseEvent
_ZN7QWidget10enterEventEP6QEvent
_ZN7QWidget10leaveEventEP6QEvent
_ZN7QWidget10paintEventEP11QPaintEvent
_ZN7QWidget10setVisibleEb
_ZN7QWidget10wheelEventEP11QWheelEvent
_ZN7QWidget11actionEventEP12QActionEvent
_ZN7QWidget11changeEventEP6QEvent
_ZN7QWidget11nativeEventERK10QByteArrayPvPl
_ZN7QWidget11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QWidget11qt_metacastEPKc
_ZN7QWidget11resizeEventEP12QResizeEvent
_ZN7QWidget11setGeometryERK5QRect
_ZN7QWidget11tabletEventEP12QTabletEvent
_ZN7QWidget12focusInEventEP11QFocusEvent
_ZN7QWidget12setAttributeEN2Qt15WidgetAttributeEb
_ZN7QWidget12setFixedSizeEii
_ZN7QWidget13dragMoveEventEP14QDragMoveEvent
_ZN7QWidget13focusOutEventEP11QFocusEvent
_ZN7QWidget13keyPressEventEP9QKeyEvent
_ZN7QWidget13setSizePolicyE11QSizePolicy
_ZN7QWidget13setStyleSheetERK7QString
_ZN7QWidget14activateWindowEv
_ZN7QWidget14dragEnterEventEP15QDragEnterEvent
_ZN7QWidget14dragLeaveEventEP15QDragLeaveEvent
_ZN7QWidget14mouseMoveEventEP11QMouseEvent
_ZN7QWidget14setFocusPolicyEN2Qt11FocusPolicyE
_ZN7QWidget14setMaximumSizeEii
_ZN7QWidget14setMinimumSizeEii
_ZN7QWidget14setWindowFlagsE6QFlagsIN2Qt10WindowTypeEE
_ZN7QWidget14setWindowTitleERK7QString
_ZN7QWidget15keyReleaseEventEP9QKeyEvent
_ZN7QWidget15mousePressEventEP11QMouseEvent
_ZN7QWidget16contextMenuEventEP17QContextMenuEvent
_ZN7QWidget16inputMethodEventEP17QInputMethodEvent
_ZN7QWidget16setMinimumHeightEi
_ZN7QWidget16staticMetaObjectE
_ZN7QWidget17mouseReleaseEventEP11QMouseEvent
_ZN7QWidget17setGraphicsEffectEP15QGraphicsEffect
_ZN7QWidget18focusNextPrevChildEb
_ZN7QWidget21mouseDoubleClickEventEP11QMouseEvent
_ZN7QWidget4moveERK6QPoint
_ZN7QWidget4showEv
_ZN7QWidget5eventEP6QEvent
_ZN7QWidget6resizeERK5QSize
_ZN7QWidget6updateEv
_ZN7QWidget9dropEventEP10QDropEvent
_ZN7QWidget9hideEventEP10QHideEvent
_ZN7QWidget9moveEventEP10QMoveEvent
_ZN7QWidget9setCursorERK7QCursor
_ZN7QWidget9showEventEP10QShowEvent
_ZN7QWidgetC1EPS_6QFlagsIN2Qt10WindowTypeEE
_ZN7QWidgetC2EPS_6QFlagsIN2Qt10WindowTypeEE
_ZN7QWidgetD2Ev
_ZNK7QDialog15minimumSizeHintEv
_ZNK7QDialog8sizeHintEv
_ZNK7QWidget10redirectedEP6QPoint
_ZNK7QWidget11initPainterEP8QPainter
_ZNK7QWidget11paintEngineEv
_ZNK7QWidget13sharedPainterEv
_ZNK7QWidget14heightForWidthEi
_ZNK7QWidget15minimumSizeHintEv
_ZNK7QWidget16inputMethodQueryEN2Qt16InputMethodQueryE
_ZNK7QWidget17hasHeightForWidthEv
_ZNK7QWidget3posEv
_ZNK7QWidget5winIdEv
_ZNK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZNK7QWidget7devTypeEv
_ZNK7QWidget8sizeHintEv
_ZTV11QSpacerItem
_ZThn8_NK7QWidget10redirectedEP6QPoint
_ZThn8_NK7QWidget11initPainterEP8QPainter
_ZThn8_NK7QWidget11paintEngineEv
_ZThn8_NK7QWidget13sharedPainterEv
_ZThn8_NK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZThn8_NK7QWidget7devTypeEv
_Zls6QDebugPK7QWidget

libgcc_s_dw2-1

_Unwind_Resume
__deregister_frame_info
__register_frame_info
__udivdi3
__umoddi3

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LocalFree
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___mb_cur_max_func
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_beginthreadex
_cexit
_errno
_initterm
_iob
_onexit
_vsnprintf
abort
atoi
calloc
exit
fprintf
fputc
free
fwrite
getenv
localeconv
malloc
memcpy
memset
setlocale
signal
strchr
strcmp
strcpy_s
strerror
strlen
strncmp
time
vfprintf
wcslen

shell32

CommandLineToArgvW

user32

GetWindowRect
PostMessageW
SetParent

libstdc++-6

_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEPKcjj
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEcj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_replaceEjjPKcj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7reserveEj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_appendEPKcj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_assignERKS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERjj
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE10_M_replaceEjjPKwj
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE9_M_createERjj
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZSt19__throw_logic_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt9terminatev
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZdaPv
_ZdlPv
_ZdlPvj
_Znaj
_Znwj
__cxa_begin_catch
__cxa_end_catch
__cxa_rethrow
__cxa_throw_bad_array_new_length
__gxx_personality_v0

dsensors

DCreateInstance
DGetInstance
DDestroyInstance
DTrackOrderEx
DTrackPaymentEx

wke

wkeJSParam
wkeJSTypeOf
wkeJSToTempStringW
wkeJSBindFunction
wkeJSToTempString
wkeIsTransparent
wkeSetTransparent
wkeSetUserAgent
wkeLoadFile
wkeLoad
wkeStopLoading
wkeReload
wkeResize
wkeSetDirty
wkeIsDirty
wkePaint2
wkeGoBack
wkeCanGoForward
wkeGoForward
wkeFireMouseEvent
wkeFireContextMenuEvent
wkeFireMouseWheelEvent
wkeFireKeyUpEvent
wkeFireKeyDownEvent
wkeFireKeyPressEvent
wkeSetFocus
wkeKillFocus
wkeGetCaretRect
wkeRunJS
wkeGlobalExec
wkeOnTitleChanged
wkeOnURLChanged
wkeOnPaintUpdated
wkeGetString
wkeFinalize
wkeInitialize
wkeDestroyWebView
wkeCreateWebView

Sections

.text
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

85fcb514582f8ed1189004d8ca2b0f1b

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

0c:f8:2e:c9:b2:e8:50:70:37:3f:2c:f3:8a:83:e1:ccCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

0c:f8:2e:c9:b2:e8:50:70:37:3f:2c:f3:8a:83:e1:ccCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

3f:44:0d:bb:65:6e:d8:fb:57:14:44:3b:6f:f7:7d:f3:e9:90:20:de:c9:f2:80:c9:6e:da:3c:18:16:13:c5:0bSigner

08:2a:86:8f:61:1e:e5:11:80:09:c3:bd:cc:44:a0:c9:4e:57:4e:8dSigner

Headers

File Characteristics

Imports

libcurl

qt5core

qt5gui

qt5widgets

libgcc_s_dw2-1

kernel32

msvcrt

shell32

user32

libstdc++-6

dsensors

wke

Sections

.text Size: 199KB - Virtual size: 198KB

.data Size: 512B - Virtual size: 240B

.rdata Size: 355KB - Virtual size: 354KB

.eh_fram Size: 25KB - Virtual size: 25KB

.bss Size: - Virtual size: 3KB

.idata Size: 18KB - Virtual size: 18KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 25KB - Virtual size: 25KB

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0c:f8:2e:c9:b2:e8:50:70:37:3f:2c:f3:8a:83:e1:cc
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0c:f8:2e:c9:b2:e8:50:70:37:3f:2c:f3:8a:83:e1:cc
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

3f:44:0d:bb:65:6e:d8:fb:57:14:44:3b:6f:f7:7d:f3:e9:90:20:de:c9:f2:80:c9:6e:da:3c:18:16:13:c5:0b
Signer

08:2a:86:8f:61:1e:e5:11:80:09:c3:bd:cc:44:a0:c9:4e:57:4e:8d
Signer

.text
Size: 199KB - Virtual size: 198KB

.data
Size: 512B - Virtual size: 240B

.rdata
Size: 355KB - Virtual size: 354KB

.eh_fram
Size: 25KB - Virtual size: 25KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 18KB - Virtual size: 18KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 25KB - Virtual size: 25KB