6a0c188d8d9d2a58bd745d9017b29db3b9af2d0d8f8d30a094ba7a280fe5ffda

Sharing

Copy URL

Twitter E-mail

General

Target

6a0c188d8d9d2a58bd745d9017b29db3b9af2d0d8f8d30a094ba7a280fe5ffda
Size

10.3MB
MD5

1cd1ff2b442ff32b919196426f78cc80
SHA1

fbf303502e55049940e5455a198d3496460c980b
SHA256

6a0c188d8d9d2a58bd745d9017b29db3b9af2d0d8f8d30a094ba7a280fe5ffda
SHA512

0b2fdaa2db8e464a54403a6e52706565d30742cd485525d20db030ce674bbb8814bdf09b869f8b5c2dd11a10965fdeb09ac3c2856ae2a97dc7e17e02360fcf8c
SSDEEP

196608:kcQJFAfbyY9eVi40DAd2zmcO3ZMJ7oE8CuaofTuDHathyYg1jjSw5jfz2p0CRj6U:kbFO+Y9h4jd262EE8JruOi4w5P2ppRjv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a0c188d8d9d2a58bd745d9017b29db3b9af2d0d8f8d30a094ba7a280fe5ffda

Files

6a0c188d8d9d2a58bd745d9017b29db3b9af2d0d8f8d30a094ba7a280fe5ffda
.exe windows:6 windows x64 arch:x64

75e3e00c1a7b74e61e10ee9e80dca4c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5sql

?finish@QSqlQuery@@QEAAXXZ

qt5quick

?staticMetaObject@QQuickItem@@2UQMetaObject@@B

qt5qml

??0QQmlApplicationEngine@@QEAA@PEAVQObject@@@Z

qt5multimedia

??1QVideoSurfaceFormat@@QEAA@XZ

qt5winextras

?extendFrameIntoClientArea@QtWin@@YAXPEAVQWindow@@HHHH@Z

qt5network

??0QHostAddress@@QEAA@AEBVQString@@@Z

qt5gui

?setText@QClipboard@@QEAAXAEBVQString@@W4Mode@1@@Z

qt5core

?program@QProcess@@QEBA?AVQString@@XZ

avformat-58

avformat_network_deinit

avcodec-58

av_parser_init

avutil-56

av_log_set_callback

swscale-5

sws_freeContext

kernel32

GetVersion
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

MonitorFromWindow
CharUpperBuffW

advapi32

SystemFunction036

msvcp140

?c_str@?$_Yarn@D@std@@QEBAPEBDXZ

ws2_32

shutdown

vcruntime140

memcpy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-string-l1-1-0

isspace

api-ms-win-crt-runtime-l1-1-0

abort

api-ms-win-crt-math-l1-1-0

_ldclass

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsnprintf_s

api-ms-win-crt-convert-l1-1-0

strtoull

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-environment-l1-1-0

getenv_s

api-ms-win-crt-filesystem-l1-1-0

_mkdir

shell32

CommandLineToArgvW

Sections

.text
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 994KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 799B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.z"D
Size: - Virtual size: 8.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.G94
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.|o6
Size: 10.3MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75e3e00c1a7b74e61e10ee9e80dca4c0

Headers

DLL Characteristics

File Characteristics

Imports

qt5sql

qt5quick

qt5qml

qt5multimedia

qt5winextras

qt5network

qt5gui

qt5core

avformat-58

avcodec-58

avutil-56

swscale-5

kernel32

user32

advapi32

msvcp140

ws2_32

vcruntime140

vcruntime140_1

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

shell32

Sections

.text Size: - Virtual size: 1.7MB

.rdata Size: - Virtual size: 994KB

.data Size: - Virtual size: 74KB

.pdata Size: - Virtual size: 92KB

.idata Size: - Virtual size: 69KB

.tls Size: - Virtual size: 799B

.00cfg Size: - Virtual size: 373B

.z"D Size: - Virtual size: 8.4MB

.G94 Size: 10KB - Virtual size: 10KB

.|o6 Size: 10.3MB - Virtual size: 10.3MB

.reloc Size: 512B - Virtual size: 232B

.rsrc Size: 39KB - Virtual size: 38KB

.text
Size: - Virtual size: 1.7MB

.rdata
Size: - Virtual size: 994KB

.data
Size: - Virtual size: 74KB

.pdata
Size: - Virtual size: 92KB

.idata
Size: - Virtual size: 69KB

.tls
Size: - Virtual size: 799B

.00cfg
Size: - Virtual size: 373B

.z"D
Size: - Virtual size: 8.4MB

.G94
Size: 10KB - Virtual size: 10KB

.|o6
Size: 10.3MB - Virtual size: 10.3MB

.reloc
Size: 512B - Virtual size: 232B

.rsrc
Size: 39KB - Virtual size: 38KB