NEAS[.]3ae13215ca4717e921bb320b17fb1930[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3ae13215ca4717e921bb320b17fb1930.exe
Size

90KB
MD5

3ae13215ca4717e921bb320b17fb1930
SHA1

f6da51b01143ee017c70f2a0ecb36c12a4a77ae8
SHA256

010cc721513fa2327ee68f1bccf642cc62ddd35c7c41095e5d0a1a23606cc3e8
SHA512

ba4102af751dc4778b052080eff95cc8aa11d0010a4cd12dacff04f85f64a12bbf4482b715d7af611ada8ec2a6368bf096faea316bcb68e1eba0c90d7ddb53db
SSDEEP

1536:GIVJ0ZDvIze14vlfVqPWcI3xoa45qJbXdmlmDOYQM2QekeQAjJioQ+FuETGuQ+8Z:GIVJ0ZDvIzQ4REPbI3xoa8ODOYQM6kek

Score

1^/10

Malware Config

Signatures

Files

NEAS.3ae13215ca4717e921bb320b17fb1930.exe
.dll windows:6 windows x86

64de7e1f110ffd029a1ef5976d8982e7

Code Sign

08:0a:10:a4:00:9f:7c:11:d7:db:9b:28:c9:d4:6d:93
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14/01/2020, 00:00

Not After

05/01/2022, 12:00

Subject

CN=Open Media LLC,O=Open Media LLC,L=Nizhny Novgorod,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

0c:16:6f:d7:85:6a:b3:a9:c5:df:1f:ab:8a:d7:c6:8a
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/01/2019, 00:00

Not After

05/01/2022, 12:00

Subject

CN=Open Media LLC,O=Open Media LLC,L=Nizhny Novgorod,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:4f:c4:ac:82:d8:ea:9e:02:66:93:9a:c5:7c:ad:d8:44:02:3a:26:ce:ad:12:d1:e1:1a:48:32:3b:f5:16:e8
Signer

Actual PE Digest

8c:4f:c4:ac:82:d8:ea:9e:02:66:93:9a:c5:7c:ad:d8:44:02:3a:26:ce:ad:12:d1:e1:1a:48:32:3b:f5:16:e8

Digest Algorithm

sha256

PE Digest Matches

true

72:0a:73:f9:0e:54:30:b4:34:c5:f6:89:15:70:a4:fd:dd:0a:b3:67
Signer

Actual PE Digest

72:0a:73:f9:0e:54:30:b4:34:c5:f6:89:15:70:a4:fd:dd:0a:b3:67

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

qt5quick

?boundingRect@QQuickItem@@UBE?AVQRectF@@XZ
?touchUngrabEvent@QQuickItem@@MAEXXZ
?updatePaintNode@QQuickItem@@MAEPAVQSGNode@@PAV2@PAUUpdatePaintNodeData@1@@Z
?touchEvent@QQuickItem@@MAEXPAVQTouchEvent@@@Z
?wheelEvent@QQuickItem@@MAEXPAVQWheelEvent@@@Z
?windowDeactivateEvent@QQuickItem@@MAEXXZ
??0QQuickItem@@QAE@PAV0@@Z
??1QQuickItem@@UAE@XZ
?updatePolish@QQuickItem@@MAEXXZ
?window@QQuickItem@@QBEPAVQQuickWindow@@XZ
?setParentItem@QQuickItem@@QAEXPAV1@@Z
?itemChange@QQuickItem@@MAEXW4ItemChange@1@ABTItemChangeData@1@@Z
?setColor@QQuickWindow@@QAEXABVQColor@@@Z
?color@QQuickWindow@@QBE?AVQColor@@XZ
?staticMetaObject@QQuickItem@@2UQMetaObject@@B
?qt_metacast@QQuickItem@@UAEPAXPBD@Z
?qt_metacall@QQuickItem@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?releaseResources@QQuickItem@@MAEXXZ
?mouseUngrabEvent@QQuickItem@@MAEXXZ
?mouseReleaseEvent@QQuickItem@@MAEXPAVQMouseEvent@@@Z
?mousePressEvent@QQuickItem@@MAEXPAVQMouseEvent@@@Z
?mouseMoveEvent@QQuickItem@@MAEXPAVQMouseEvent@@@Z
?mouseDoubleClickEvent@QQuickItem@@MAEXPAVQMouseEvent@@@Z
?keyReleaseEvent@QQuickItem@@MAEXPAVQKeyEvent@@@Z
?keyPressEvent@QQuickItem@@MAEXPAVQKeyEvent@@@Z
?isTextureProvider@QQuickItem@@UBE_NXZ
?inputMethodQuery@QQuickItem@@UBE?AVQVariant@@W4InputMethodQuery@Qt@@@Z
?inputMethodEvent@QQuickItem@@MAEXPAVQInputMethodEvent@@@Z
?hoverMoveEvent@QQuickItem@@MAEXPAVQHoverEvent@@@Z
?hoverLeaveEvent@QQuickItem@@MAEXPAVQHoverEvent@@@Z
?hoverEnterEvent@QQuickItem@@MAEXPAVQHoverEvent@@@Z
?geometryChanged@QQuickItem@@MAEXABVQRectF@@0@Z
?focusOutEvent@QQuickItem@@MAEXPAVQFocusEvent@@@Z
?focusInEvent@QQuickItem@@MAEXPAVQFocusEvent@@@Z
?event@QQuickItem@@MAE_NPAVQEvent@@@Z
?dropEvent@QQuickItem@@MAEXPAVQDropEvent@@@Z
?dragMoveEvent@QQuickItem@@MAEXPAVQDragMoveEvent@@@Z
?dragLeaveEvent@QQuickItem@@MAEXPAVQDragLeaveEvent@@@Z
?dragEnterEvent@QQuickItem@@MAEXPAVQDragEnterEvent@@@Z
?contains@QQuickItem@@UBE_NABVQPointF@@@Z
?componentComplete@QQuickItem@@MAEXXZ
?clipRect@QQuickItem@@UBE?AVQRectF@@XZ
?classBegin@QQuickItem@@MAEXXZ
?childMouseEventFilter@QQuickItem@@MAE_NPAV1@PAVQEvent@@@Z
?textureProvider@QQuickItem@@UBEPAVQSGTextureProvider@@XZ

qt5winextras

?staticMetaObject@QWinThumbnailToolButton@@2UQMetaObject@@B
?qt_metacast@QWinThumbnailToolButton@@UAEPAXPBD@Z
?qt_metacall@QWinThumbnailToolButton@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?metaObject@QWinThumbnailToolButton@@UBEPBUQMetaObject@@XZ
?clicked@QWinThumbnailToolButton@@QAEXXZ
?isFlat@QWinThumbnailToolButton@@QBE_NXZ
?setFlat@QWinThumbnailToolButton@@QAEX_N@Z
?dismissOnClick@QWinThumbnailToolButton@@QBE_NXZ
?setDismissOnClick@QWinThumbnailToolButton@@QAEX_N@Z
?isVisible@QWinThumbnailToolButton@@QBE_NXZ
?setVisible@QWinThumbnailToolButton@@QAEX_N@Z
?isInteractive@QWinThumbnailToolButton@@QBE_NXZ
?setInteractive@QWinThumbnailToolButton@@QAEX_N@Z
?isEnabled@QWinThumbnailToolButton@@QBE_NXZ
?setEnabled@QWinThumbnailToolButton@@QAEX_N@Z
?setIcon@QWinThumbnailToolButton@@QAEXABVQIcon@@@Z
?toolTip@QWinThumbnailToolButton@@QBE?AVQString@@XZ
?setToolTip@QWinThumbnailToolButton@@QAEXABVQString@@@Z
??1QWinThumbnailToolButton@@UAE@XZ
??0QWinThumbnailToolButton@@QAE@PAVQObject@@@Z
?staticMetaObject@QWinThumbnailToolBar@@2UQMetaObject@@B
?iconicLivePreviewPixmapRequested@QWinThumbnailToolBar@@QAEXXZ
?iconicThumbnailPixmapRequested@QWinThumbnailToolBar@@QAEXXZ
?setIconicLivePreviewPixmap@QWinThumbnailToolBar@@QAEXABVQPixmap@@@Z
?setIconicThumbnailPixmap@QWinThumbnailToolBar@@QAEXABVQPixmap@@@Z
?clear@QWinThumbnailToolBar@@QAEXXZ
?setIconicPixmapNotificationsEnabled@QWinThumbnailToolBar@@QAEX_N@Z
?iconicPixmapNotificationsEnabled@QWinThumbnailToolBar@@QBE_NXZ
?count@QWinThumbnailToolBar@@QBEHXZ
?removeButton@QWinThumbnailToolBar@@QAEXPAVQWinThumbnailToolButton@@@Z
?addButton@QWinThumbnailToolBar@@QAEXPAVQWinThumbnailToolButton@@@Z
?setWindow@QWinThumbnailToolBar@@QAEXPAVQWindow@@@Z
??1QWinThumbnailToolBar@@UAE@XZ
??0QWinThumbnailToolBar@@QAE@PAVQObject@@@Z
?setArguments@QWinJumpListItem@@QAEXABVQStringList@@@Z
?setDescription@QWinJumpListItem@@QAEXABVQString@@@Z
?setTitle@QWinJumpListItem@@QAEXABVQString@@@Z
?setIcon@QWinJumpListItem@@QAEXABVQIcon@@@Z
?setFilePath@QWinJumpListItem@@QAEXABVQString@@@Z
?staticMetaObject@QWinTaskbarProgress@@2UQMetaObject@@B
??0QWinJumpListItem@@QAE@W4Type@0@@Z
?addCategory@QWinJumpList@@QAEPAVQWinJumpListCategory@@ABVQString@@V?$QList@PAVQWinJumpListItem@@@@@Z
?tasks@QWinJumpList@@QBEPAVQWinJumpListCategory@@XZ
?frequent@QWinJumpList@@QBEPAVQWinJumpListCategory@@XZ
?recent@QWinJumpList@@QBEPAVQWinJumpListCategory@@XZ
??1QWinJumpList@@UAE@XZ
??0QWinJumpList@@QAE@PAVQObject@@@Z
?addItem@QWinJumpListCategory@@QAEXPAVQWinJumpListItem@@@Z
?setVisible@QWinJumpListCategory@@QAEX_N@Z
?qt_metacast@QWinTaskbarButton@@UAEPAXPBD@Z
?qt_metacall@QWinTaskbarButton@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?metaObject@QWinTaskbarButton@@UBEPBUQMetaObject@@XZ
?eventFilter@QWinTaskbarButton@@UAE_NPAVQObject@@PAVQEvent@@@Z
?clearOverlayIcon@QWinTaskbarButton@@QAEXXZ
?colorizationColor@QtWin@@YA?AVQColor@@PA_N@Z
?setType@QWinJumpListItem@@QAEXW4Type@1@@Z
?setOverlayAccessibleDescription@QWinTaskbarButton@@QAEXABVQString@@@Z
?setOverlayIcon@QWinTaskbarButton@@QAEXABVQIcon@@@Z
?progress@QWinTaskbarButton@@QBEPAVQWinTaskbarProgress@@XZ
?overlayAccessibleDescription@QWinTaskbarButton@@QBE?AVQString@@XZ
?setWindow@QWinTaskbarButton@@QAEXPAVQWindow@@@Z
??1QWinTaskbarButton@@UAE@XZ
??0QWinTaskbarButton@@QAE@PAVQObject@@@Z
?CompositionChange@QWinEvent@@2HB
?ColorizationChange@QWinEvent@@2HB
?setup@QWinEventFilter@@SAXXZ
?setCompositionEnabled@QtWin@@YAX_N@Z
?isCompositionEnabled@QtWin@@YA_NXZ
?disableBlurBehindWindow@QtWin@@YAXPAVQWindow@@@Z
?enableBlurBehindWindow@QtWin@@YAXPAVQWindow@@@Z
?extendFrameIntoClientArea@QtWin@@YAXPAVQWindow@@HHHH@Z
?windowFlip3DPolicy@QtWin@@YA?AW4WindowFlip3DPolicy@1@PAVQWindow@@@Z
?setWindowFlip3DPolicy@QtWin@@YAXPAVQWindow@@W4WindowFlip3DPolicy@1@@Z
?isWindowPeekDisallowed@QtWin@@YA_NPAVQWindow@@@Z
?setWindowDisallowPeek@QtWin@@YAXPAVQWindow@@_N@Z
?isWindowExcludedFromPeek@QtWin@@YA_NPAVQWindow@@@Z
?setWindowExcludedFromPeek@QtWin@@YAXPAVQWindow@@_N@Z
?realColorizationColor@QtWin@@YA?AVQColor@@XZ

qt5gui

??BQIcon@@QBE?AVQVariant@@XZ
??0QIcon@@QAE@ABVQPixmap@@@Z
?loadFromData@QPixmap@@QAE_NABVQByteArray@@PBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?fromImage@QPixmap@@SA?AV1@ABVQImage@@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?isNull@QPixmap@@QBE_NXZ
??BQPixmap@@QBE?AVQVariant@@XZ
??4QPixmap@@QAEAAV0@$$QAV0@@Z
??0QPixmap@@QAE@ABVQString@@PBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?isNull@QImage@@QBE_NXZ
??1QImage@@UAE@XZ
??1QPixmap@@UAE@XZ
??0QPixmap@@QAE@ABV0@@Z
??0QPixmap@@QAE@XZ
??0QIcon@@QAE@ABVQString@@@Z
??1QIcon@@QAE@XZ
??0QIcon@@QAE@ABV0@@Z
??0QIcon@@QAE@XZ
??0QColor@@QAE@XZ
??0QColor@@QAE@W4GlobalColor@Qt@@@Z
??1QSurfaceFormat@@QAE@XZ
?setAlphaBufferSize@QSurfaceFormat@@QAEXH@Z
?setFormat@QWindow@@QAEXABVQSurfaceFormat@@@Z

qt5qml

?imageProvider@QQmlEngine@@QBEPAVQQmlImageProviderBase@@ABVQString@@@Z
?networkAccessManager@QQmlEngine@@QBEPAVQNetworkAccessManager@@XZ
??1QQmlParserStatus@@UAE@XZ
??0QQmlParserStatus@@QAE@XZ
?qmlEngine@QtQml@@YAPAVQQmlEngine@@PBVQObject@@@Z
?initializeEngine@QQmlExtensionPlugin@@UAEXPAVQQmlEngine@@PBD@Z
??0QQmlExtensionPlugin@@QAE@PAVQObject@@@Z
?urlToLocalFileOrQrc@QQmlFile@@SA?AVQString@@ABVQUrl@@@Z
?qt_metacall@QQmlExtensionPlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?staticMetaObject@QQmlExtensionPlugin@@2UQMetaObject@@B
?qdeclarativeelement_destructor@QQmlPrivate@@YAXPAVQObject@@@Z
?qmlregister@QQmlPrivate@@YAHW4RegistrationType@1@PAX@Z
?qmlRegisterModule@@YAXPBDHH@Z
?qt_metacast@QQmlExtensionPlugin@@UAEPAXPBD@Z
??1QQmlExtensionPlugin@@UAE@XZ

qt5network

?staticMetaObject@QNetworkReply@@2UQMetaObject@@B
?finished@QNetworkReply@@QAEXXZ
?url@QNetworkReply@@QBE?AVQUrl@@XZ
?error@QNetworkReply@@QBE?AW4NetworkError@1@XZ
?get@QNetworkAccessManager@@QAEPAVQNetworkReply@@ABVQNetworkRequest@@@Z
??1QNetworkRequest@@QAE@XZ
??0QNetworkRequest@@QAE@ABVQUrl@@@Z

qt5core

??0QByteArray@@QAE@PBDH@Z
??0QByteArray@@QAE@XZ
?className@QMetaObject@@QBEPBDXZ
?startsWith@QString@@QBE_NVQStringView@@W4CaseSensitivity@Qt@@@Z
??8@YA_NABVQString@@0@Z
?isNull@QString@@QBE_NXZ
??0QObject@@QAE@PAV0@@Z
??1QObject@@UAE@XZ
?parent@QObject@@QBEPAV1@XZ
?reserve@QByteArray@@QAEXH@Z
??1QVariant@@QAE@XZ
??0QVariant@@QAE@$$QAV0@@Z
?userType@QVariant@@QBEHXZ
?constData@QVariant@@QBEPBXXZ
?convert@QVariant@@QBE_NHPAX@Z
??0QUrl@@QAE@XZ
??0QUrl@@QAE@ABV0@@Z
??4QUrl@@QAEAAV0@ABV0@@Z
??1QUrl@@QAE@XZ
?isEmpty@QUrl@@QBE_NXZ
??1QByteArray@@QAE@XZ
?append@QByteArray@@QAEAAV1@D@Z
?append@QByteArray@@QAEAAV1@PBD@Z
??0QString@@QAE@XZ
??0QString@@QAE@ABV0@@Z
??1QString@@QAE@XZ
?fromAscii_helper@QString@@CAPAU?$QTypedArrayData@G@@PBDH@Z
?registerNormalizedType@QMetaType@@SAHABVQByteArray@@P6AXPAX@ZP6APAX1PBX@ZHV?$QFlags@W4TypeFlag@QMetaType@@@@PBUQMetaObject@@@Z
?registerNormalizedTypedef@QMetaType@@SAHABVQByteArray@@H@Z
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?cast@QMetaObject@@QBEPAVQObject@@PAV2@@Z
?setParent@QObject@@QAEXPAV1@@Z
?installEventFilter@QObject@@QAEXPAV1@@Z
??1Connection@QMetaObject@@QAE@XZ
?compareStrings@QtPrivate@@YAHVQStringView@@0W4CaseSensitivity@Qt@@@Z
?connectImpl@QObject@@CA?AVConnection@QMetaObject@@PBV1@PAPAX01PAVQSlotObjectBase@QtPrivate@@W4ConnectionType@Qt@@PBHPBU3@@Z
?property@QObject@@QBE?AVQVariant@@PBD@Z
?scheme@QUrl@@QBE?AVQString@@XZ
?normalizedType@QMetaObject@@SA?AVQByteArray@@PBD@Z
??4QUrl@@QAEAAV0@$$QAV0@@Z
?qt_metacall@QObject@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QObject@@UAEPAXPBD@Z
??4QString@@QAEAAV0@$$QAV0@@Z
?staticMetaObject@QObject@@2UQMetaObject@@B
?activate@QMetaObject@@SAXPAVQObject@@PBU1@HPAPAX@Z
?exists@QFileInfo@@SA_NABVQString@@@Z
??6QDebug@@QAEAAV0@ABVQString@@@Z
??6QDebug@@QAEAAV0@PBD@Z
??1QDebug@@QAE@XZ
?errorString@QIODevice@@QBE?AVQString@@XZ
?readAll@QIODevice@@QAE?AVQByteArray@@XZ
??6@YA?AVQDebug@@V0@ABVQUrl@@@Z
?host@QUrl@@QBE?AVQString@@V?$QFlags@W4ComponentFormattingOption@QUrl@@@@@Z
?toString@QUrl@@QBE?AVQString@@V?$QUrlTwoFlags@W4UrlFormattingOption@QUrl@@W4ComponentFormattingOption@2@@@@Z
??0QVariant@@QAE@XZ
?sender@QObject@@IBEPAV1@XZ
?mid@QString@@QBE?AV1@HH@Z
?warning@QMessageLogger@@QBE?AVQDebug@@XZ
?warning@QMessageLogger@@QBAXPBDZZ
??0QMessageLogger@@QAE@PBDH0@Z
?deleteLater@QObject@@QAEXXZ
?shared_null@QListData@@2UData@1@B
?append@QListData@@QAEPAPAXXZ
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
??4QString@@QAEAAV0@ABV0@@Z
?toStringList@QVariant@@QBE?AVQStringList@@XZ
?toString@QVariant@@QBE?AVQString@@XZ
?data@QString@@QBEPBVQChar@@XZ
?disconnectImpl@QObject@@CA_NPBV1@PAPAX01PBUQMetaObject@@@Z
?dispose@QListData@@SAXPAUData@1@@Z
?sharedNull@QArrayData@@SAPAU1@XZ
?deallocate@QArrayData@@SAXPAU1@II@Z
?allocate@QArrayData@@SAPAU1@IIIV?$QFlags@W4AllocationOption@QArrayData@@@@@Z
??8QUrl@@QBE_NABV0@@Z

user32

GetSystemMetrics

kernel32

CloseHandle
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
EnterCriticalSection

vcruntime140

memcpy
memmove
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
_except_handler4_common
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_seh_filter_dll

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 103B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64de7e1f110ffd029a1ef5976d8982e7

Code Sign

08:0a:10:a4:00:9f:7c:11:d7:db:9b:28:c9:d4:6d:93Certificate

Extended Key Usages

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

0c:16:6f:d7:85:6a:b3:a9:c5:df:1f:ab:8a:d7:c6:8aCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:4f:c4:ac:82:d8:ea:9e:02:66:93:9a:c5:7c:ad:d8:44:02:3a:26:ce:ad:12:d1:e1:1a:48:32:3b:f5:16:e8Signer

72:0a:73:f9:0e:54:30:b4:34:c5:f6:89:15:70:a4:fd:dd:0a:b3:67Signer

Headers

DLL Characteristics

File Characteristics

Imports

qt5quick

qt5winextras

qt5gui

qt5qml

qt5network

qt5core

user32

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 2KB - Virtual size: 2KB

.qtmetad Size: 512B - Virtual size: 103B

.rsrc Size: 1024B - Virtual size: 848B

.reloc Size: 5KB - Virtual size: 4KB

08:0a:10:a4:00:9f:7c:11:d7:db:9b:28:c9:d4:6d:93
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

0c:16:6f:d7:85:6a:b3:a9:c5:df:1f:ab:8a:d7:c6:8a
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:4f:c4:ac:82:d8:ea:9e:02:66:93:9a:c5:7c:ad:d8:44:02:3a:26:ce:ad:12:d1:e1:1a:48:32:3b:f5:16:e8
Signer

72:0a:73:f9:0e:54:30:b4:34:c5:f6:89:15:70:a4:fd:dd:0a:b3:67
Signer

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 2KB - Virtual size: 2KB

.qtmetad
Size: 512B - Virtual size: 103B

.rsrc
Size: 1024B - Virtual size: 848B

.reloc
Size: 5KB - Virtual size: 4KB