58946468aeac1366eea196636cd48e97a4b93dddd6e0a625f472517599229247

Sharing

Copy URL Twitter E-mail

General

Target

58946468aeac1366eea196636cd48e97a4b93dddd6e0a625f472517599229247
Size

24KB
MD5

58a9c9303ff5eefcb22788de857b881b
SHA1

1ce5679bec672ba5cb95e46444c9ecf0a08f5c5e
SHA256

58946468aeac1366eea196636cd48e97a4b93dddd6e0a625f472517599229247
SHA512

740868e8fb1fa5d44f1e044e620cba2ecffd7a068dc7945434fac6087dff1e9e0ae6f7bb3e3b7e1afc070ab121e68fe644f33dfb3bacc602c3aeb83f3255cca4
SSDEEP

384:3MJtlCEAjASdngQ/6fK0b0DBZ129UHkONyS/Sw9VJGNQbedtp:3MlLKPgQ/CwVaOEONyS/SUJGeefp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58946468aeac1366eea196636cd48e97a4b93dddd6e0a625f472517599229247

Files

58946468aeac1366eea196636cd48e97a4b93dddd6e0a625f472517599229247
.exe windows:5 windows x86

3e9be566006337789ec1caec6be3393e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

qtgui4

?saveState@QApplication@@UAEXAAVQSessionManager@@@Z
?commitData@QApplication@@UAEXAAVQSessionManager@@@Z
??1QSplashScreen@@UAE@XZ
?exec@QApplication@@SAHXZ
?finish@QSplashScreen@@QAEXPAVQWidget@@@Z
??0QColor@@QAE@W4GlobalColor@Qt@@@Z
?showMessage@QSplashScreen@@QAEXABVQString@@HABVQColor@@@Z
?show@QWidget@@QAEXXZ
??0QSplashScreen@@QAE@ABVQPixmap@@V?$QFlags@W4WindowType@Qt@@@@@Z
??0QPixmap@@QAE@ABVQString@@PBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
??1QApplication@@UAE@XZ
?compressEvent@QApplication@@MAE_NPAVQEvent@@PAVQObject@@PAVQPostEventList@@@Z
?notify@QApplication@@UAE_NPAVQObject@@PAVQEvent@@@Z
?event@QApplication@@MAE_NPAVQEvent@@@Z
?qt_metacall@QApplication@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QApplication@@UAEPAXPBD@Z
?metaObject@QApplication@@UBEPBUQMetaObject@@XZ
??0QApplication@@QAE@AAHPAPADH@Z
?font@QApplication@@SA?AVQFont@@XZ
?setFamily@QFont@@QAEXABVQString@@@Z
?setPointSize@QFont@@QAEXH@Z
?setFont@QApplication@@SAXABVQFont@@PBD@Z
??1QFont@@QAE@XZ
??1QPixmap@@UAE@XZ

qtcore4

?codecForLocale@QTextCodec@@SAPAV1@XZ
??0QTranslator@@QAE@PAVQObject@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?connectNotify@QObject@@MAEXPBD@Z
?disconnectNotify@QObject@@MAEXPBD@Z
?winEventFilter@QCoreApplication@@UAE_NPAUtagMSG@@PAJ@Z
?secsTo@QDateTime@@QBEHABV1@@Z
?processEvents@QCoreApplication@@SAXV?$QFlags@W4ProcessEventsFlag@QEventLoop@@@@@Z
??1QDateTime@@QAE@XZ
??4QDateTime@@QAEAAV0@ABV0@@Z
?setCodecForLocale@QTextCodec@@SAXPAV1@@Z
?currentDateTime@QDateTime@@SA?AV1@XZ
?codecForCStrings@QString@@0PAVQTextCodec@@A
?fromWCharArray@QString@@SA?AV1@PBGH@Z
?cftr@QTextCodec@@0PAV1@A
?fromAscii_helper@QString@@CAPAUData@1@PBDH@Z
??0QSettings@@QAE@ABVQString@@0PAVQObject@@@Z
?free@QString@@CAXPAUData@1@@Z
??0QVariant@@QAE@XZ
?value@QSettings@@QBE?AVQVariant@@ABVQString@@ABV2@@Z
?toString@QVariant@@QBE?AVQString@@XZ
??1QVariant@@QAE@XZ
??0QVariant@@QAE@PBD@Z
?setValue@QSettings@@QAEXABVQString@@ABVQVariant@@@Z
?compare@QString@@QBEHABV1@@Z
??0QChar@@QAE@UQLatin1Char@@@Z
?applicationDirPath@QCoreApplication@@SA?AVQString@@XZ
?arg@QString@@QBE?AV1@ABV1@HABVQChar@@@Z
?exists@QFile@@SA_NABVQString@@@Z
?shared_null@QString@@0UData@1@A
?load@QTranslator@@QAE_NABVQString@@000@Z
?installTranslator@QCoreApplication@@SAXPAVQTranslator@@@Z
?tr@QObject@@SA?AVQString@@PBD0@Z
??1QSettings@@UAE@XZ
??1QTranslator@@UAE@XZ
??1QString@@QAE@XZ
?toLocal8Bit@QString@@QBE?AVQByteArray@@XZ
?detach@QByteArray@@QAEXXZ
?qWinMain@@YAXPAUHINSTANCE__@@0PADHAAHAAV?$QVector@PAD@@@Z
?qFree@@YAXPAX@Z
?reallocate@QVectorData@@SAPAU1@PAU1@HHH@Z
?qMemSet@@YAPAXPAXHI@Z
?allocate@QVectorData@@SAPAU1@HH@Z
?qBadAlloc@@YAXXZ
?free@QVectorData@@SAXPAU1@H@Z
??0QDateTime@@QAE@XZ

uimanager

??1CUiManager@@UAE@XZ
?showMainWindow@CUiManager@@QAEXXZ
??0CUiManager@@QAE@XZ
?getMainWindow@CUiManager@@QAEPAVCMainWindow@@XZ

libxml

?TerminateXerces@CXercesXML@@SAXXZ
?InitializeXerces@CXercesXML@@SA_NXZ

msvcr100

_unlock
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__dllonexit
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??3@YAXPAX@Z
__CxxFrameHandler3
_lock
_onexit
_except_handler4_common
_invoke_watson
_controlfp_s
memcpy
_CxxThrowException

kernel32

QueryPerformanceCounter
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EncodePointer
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCommandLineW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e9be566006337789ec1caec6be3393e

Headers

DLL Characteristics

File Characteristics

Imports

qtgui4

qtcore4

uimanager

libxml

msvcr100

kernel32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB