4cbbe826140c2235ec7516640220862f

Sharing

Copy URL Twitter E-mail

General

Target

4cbbe826140c2235ec7516640220862f
Size

212KB
MD5

4cbbe826140c2235ec7516640220862f
SHA1

e46c248b6388363b5d8041ec14fd2787958b2e23
SHA256

462c5ff69a23d0949eb5afd0ff1547a7eb26726fc5040d7049dfb963683860d6
SHA512

deb05ab6096edf08d2e5c3dfe13cc385c7d6a861b4ed266325f7729dd5e1aeb221375012bbc7177cf9e00c1562354bf03990de7362dc76264ad0949f5d44eb5c
SSDEEP

3072:GZ2zKo9xCCwQR0qOzoZ0P99094wTqPrfNRJrv:GW9xCCwQRLOzoZ0Pz7wTwrf7l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cbbe826140c2235ec7516640220862f

Files

4cbbe826140c2235ec7516640220862f
.exe windows:5 windows x86 arch:x86

a51b5770305bb9a8adced62b63480391

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imfc0

?skinDir@ImPref@@QAE?AVQString@@XZ
?value@ImPref@@QAE?AVQVariant@@ABVQString@@ABV2@@Z
?setCurrentLang@ImLangItemModel@@QAE_NABVQString@@@Z
?copyright@ImPref@@QAE?AVQString@@XZ
?product_version@ImPref@@QAE?AVQString@@XZ
?versionString@Im@@YA?AVQString@@ABV2@@Z
?product_name_prefix@ImPref@@QAE?AVQString@@XZ
?moveCenter@Im@@YAXPAVQWidget@@@Z
??1QtLocalPeer@@UAE@XZ
?qt_metacall@QtLocalPeer@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QtLocalPeer@@UAEPAXPBD@Z
?metaObject@QtLocalPeer@@UBEPBUQMetaObject@@XZ
??0ImApplication@@QAE@AAHPAPAD@Z
?setImfcVersion@ImApplication@@QAEXH@Z
?setStartSoftwareManage@ImApplication@@QAEX_N@Z
?checkIntegrality@ImApplication@@QAE_NXZ
?installTranslators@ImApplication@@QAEXXZ
?initCfg@ImApplication@@QAEXPBD_N@Z
?appInfoValue@ImPref@@QAE?AVQString@@ABV2@0@Z
??0QtLocalPeer@@QAE@PAVQObject@@ABVQString@@@Z
?isClient@QtLocalPeer@@QAE_NXZ
??1ImApplication@@UAE@XZ
?sendMessage@QtLocalPeer@@QAE_NABVQString@@H@Z
?app_name@ImPref@@QAE?AVQString@@XZ
?qSleep@Im@@YAXJ@Z
?instance@regLib@@SAPAV1@XZ
?incCIAItem@regLib@@QAEXABVQString@@@Z

qtgui4

?staticMetaObject@QFrame@@2UQMetaObject@@B
?qt_metacall@QFrame@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QFrame@@UAEPAXPBD@Z
?update@QWidget@@QAEXXZ
??1QMovie@@UAE@XZ
?qt_metacall@QMovie@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QMovie@@UAEPAXPBD@Z
?metaObject@QMovie@@UBEPBUQMetaObject@@XZ
??0QFrame@@QAE@PAVQWidget@@V?$QFlags@W4WindowType@Qt@@@@@Z
??0QPixmap@@QAE@ABVQString@@PBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?size@QPixmap@@QBE?AVQSize@@XZ
?setPixmap@QLabel@@QAEXABVQPixmap@@@Z
?move@QWidget@@QAEXABVQPoint@@@Z
??0QMovie@@QAE@ABVQString@@ABVQByteArray@@PAVQObject@@@Z
?setMovie@QLabel@@QAEXPAVQMovie@@@Z
?start@QMovie@@QAEXXZ
?setStyleSheet@QApplication@@QAEXABVQString@@@Z
?adjustSize@QWidget@@QAEXXZ
??1QPixmap@@UAE@XZ
?focusNextPrevChild@QWidget@@MAE_N_N@Z
?changeEvent@QFrame@@MAEXPAVQEvent@@@Z
?contextMenuEvent@QWidget@@MAEXPAVQContextMenuEvent@@@Z
?paintEvent@QFrame@@MAEXPAVQPaintEvent@@@Z
?focusOutEvent@QWidget@@MAEXPAVQFocusEvent@@@Z
?focusInEvent@QWidget@@MAEXPAVQFocusEvent@@@Z
?keyPressEvent@QWidget@@MAEXPAVQKeyEvent@@@Z
?mouseMoveEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?mouseReleaseEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?mousePressEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?heightForWidth@QWidget@@UBEHH@Z
?minimumSizeHint@QWidget@@UBE?AVQSize@@XZ
?sizeHint@QFrame@@UBE?AVQSize@@XZ
?event@QFrame@@MAE_NPAVQEvent@@@Z
??1QFrame@@UAE@XZ
??1QLabel@@UAE@XZ
?metric@QWidget@@MBEHW4PaintDeviceMetric@QPaintDevice@@@Z
?releaseDC@QWidget@@UBEXPAUHDC__@@@Z
?getDC@QWidget@@UBEPAUHDC__@@XZ
?paintEngine@QWidget@@UBEPAVQPaintEngine@@XZ
?devType@QWidget@@UBEHXZ
?languageChange@QWidget@@MAEXXZ
?windowActivationChange@QWidget@@MAEX_N@Z
?fontChange@QWidget@@MAEXABVQFont@@@Z
?paletteChange@QWidget@@MAEXABVQPalette@@@Z
?enabledChange@QWidget@@MAEX_N@Z
?styleChange@QWidget@@MAEXAAVQStyle@@@Z
?focusNextPrevChild@QLabel@@MAE_N_N@Z
?inputMethodQuery@QWidget@@UBE?AVQVariant@@W4InputMethodQuery@Qt@@@Z
?inputMethodEvent@QWidget@@MAEXPAVQInputMethodEvent@@@Z
?changeEvent@QLabel@@MAEXPAVQEvent@@@Z
?winEvent@QWidget@@MAE_NPAUtagMSG@@PAJ@Z
?hideEvent@QWidget@@MAEXPAVQHideEvent@@@Z
?showEvent@QWidget@@MAEXPAVQShowEvent@@@Z
?dropEvent@QWidget@@MAEXPAVQDropEvent@@@Z
?dragLeaveEvent@QWidget@@MAEXPAVQDragLeaveEvent@@@Z
?dragMoveEvent@QWidget@@MAEXPAVQDragMoveEvent@@@Z
?dragEnterEvent@QWidget@@MAEXPAVQDragEnterEvent@@@Z
?actionEvent@QWidget@@MAEXPAVQActionEvent@@@Z
?tabletEvent@QWidget@@MAEXPAVQTabletEvent@@@Z
?contextMenuEvent@QLabel@@MAEXPAVQContextMenuEvent@@@Z
?closeEvent@QWidget@@MAEXPAVQCloseEvent@@@Z
?resizeEvent@QWidget@@MAEXPAVQResizeEvent@@@Z
?moveEvent@QWidget@@MAEXPAVQMoveEvent@@@Z
?paintEvent@QLabel@@MAEXPAVQPaintEvent@@@Z
?leaveEvent@QWidget@@MAEXPAVQEvent@@@Z
?enterEvent@QWidget@@MAEXPAVQEvent@@@Z
?focusOutEvent@QLabel@@MAEXPAVQFocusEvent@@@Z
?focusInEvent@QLabel@@MAEXPAVQFocusEvent@@@Z
?keyReleaseEvent@QWidget@@MAEXPAVQKeyEvent@@@Z
?keyPressEvent@QLabel@@MAEXPAVQKeyEvent@@@Z
?wheelEvent@QWidget@@MAEXPAVQWheelEvent@@@Z
?mouseMoveEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?mouseDoubleClickEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?mouseReleaseEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?mousePressEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?heightForWidth@QLabel@@UBEHH@Z
?minimumSizeHint@QLabel@@UBE?AVQSize@@XZ
?sizeHint@QLabel@@UBE?AVQSize@@XZ
?setVisible@QWidget@@UAEX_N@Z
?event@QLabel@@MAE_NPAVQEvent@@@Z
?qt_metacall@QLabel@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QLabel@@UAEPAXPBD@Z
?metaObject@QLabel@@UBEPBUQMetaObject@@XZ
?resize@QWidget@@QAEXABVQSize@@@Z
??0QLabel@@QAE@PAVQWidget@@V?$QFlags@W4WindowType@Qt@@@@@Z
?setGeometry@QWidget@@QAEXABVQRect@@@Z
?setScaledContents@QLabel@@QAEX_N@Z
?setAlignment@QLabel@@QAEXV?$QFlags@W4AlignmentFlag@Qt@@@@@Z
?setWindowTitle@QWidget@@QAEXABVQString@@@Z
?setText@QLabel@@QAEXABVQString@@@Z
?warning@QMessageBox@@SA?AW4StandardButton@1@PAVQWidget@@ABVQString@@1V?$QFlags@W4StandardButton@QMessageBox@@@@W421@@Z
?show@QWidget@@QAEXXZ

qtcore4

?qBadAlloc@@YAXXZ
?allocate@QVectorData@@SAPAU1@HH@Z
?qMemSet@@YAPAXPAXHI@Z
?reallocate@QVectorData@@SAPAU1@PAU1@HHH@Z
?qWinMain@@YAXPAUHINSTANCE__@@0PADHAAHAAV?$QVector@PAD@@@Z
?detach@QByteArray@@QAEXXZ
?toLocal8Bit@QString@@QBE?AVQByteArray@@XZ
?fromWCharArray@QString@@SA?AV1@PBGH@Z
?free@QVectorData@@SAXPAU1@H@Z
??1QTimer@@UAE@XZ
?timerEvent@QTimer@@MAEXPAVQTimerEvent@@@Z
?qt_metacall@QTimer@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QTimer@@UAEPAXPBD@Z
?metaObject@QTimer@@UBEPBUQMetaObject@@XZ
?split@QString@@QBE?AVQStringList@@ABV1@W4SplitBehavior@1@W4CaseSensitivity@Qt@@@Z
??4QString@@QAEAAV0@PBD@Z
?shared_null@QByteArray@@0UData@1@A
??0QVariant@@QAE@XZ
?toString@QVariant@@QBE?AVQString@@XZ
??1QVariant@@QAE@XZ
??0QChar@@QAE@UQLatin1Char@@@Z
?arg@QString@@QBE?AV1@ABV1@HABVQChar@@@Z
??4QString@@QAEAAV0@ABV0@@Z
?remove@QString@@QAEAAV1@ABV1@W4CaseSensitivity@Qt@@@Z
?toInt@QString@@QBEHPA_NH@Z
??0QTimer@@QAE@PAVQObject@@@Z
?connect@QObject@@SA_NPBV1@PBD01W4ConnectionType@Qt@@@Z
?setInterval@QTimer@@QAEXH@Z
?start@QTimer@@QAEXXZ
?append@QListData@@QAEPAPAXXZ
?detach@QListData@@QAEPAUData@1@H@Z
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?objectName@QObject@@QBE?AVQString@@XZ
?fromUtf8@QString@@SA?AV1@PBDH@Z
?setObjectName@QObject@@QAEXABVQString@@@Z
?connectSlotsByName@QMetaObject@@SAXPAVQObject@@@Z
?shared_null@QListData@@2UData@1@A
?stop@QTimer@@QAEXXZ
?translate@QCoreApplication@@SA?AVQString@@PBD00W4Encoding@1@@Z
??1QProcess@@UAE@XZ
?setupChildProcess@QProcess@@MAEXXZ
?writeData@QProcess@@MAE_JPBD_J@Z
?readLineData@QIODevice@@MAE_JPAD_J@Z
?readData@QProcess@@MAE_JPAD_J@Z
?waitForBytesWritten@QProcess@@UAE_NH@Z
?waitForReadyRead@QProcess@@UAE_NH@Z
?canReadLine@QProcess@@UBE_NXZ
?bytesToWrite@QProcess@@UBE_JXZ
?bytesAvailable@QProcess@@UBE_JXZ
?reset@QIODevice@@UAE_NXZ
?atEnd@QProcess@@UBE_NXZ
?seek@QIODevice@@UAE_N_J@Z
?size@QIODevice@@UBE_JXZ
?pos@QIODevice@@UBE_JXZ
?close@QProcess@@UAEXXZ
?open@QIODevice@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?isSequential@QProcess@@UBE_NXZ
?qt_metacall@QProcess@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QProcess@@UAEPAXPBD@Z
?metaObject@QProcess@@UBEPBUQMetaObject@@XZ
?disconnectNotify@QObject@@MAEXPBD@Z
?connectNotify@QObject@@MAEXPBD@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?self@QCoreApplication@@0PAV1@A
?fromAscii_helper@QString@@CAPAUData@1@PBDH@Z
?currentTime@QTime@@SA?AV1@XZ
??1QString@@QAE@XZ
?append@QString@@QAEAAV1@ABV1@@Z
??0QString@@QAE@ABV0@@Z
?free@QString@@CAXPAUData@1@@Z
?fromAscii@QString@@SA?AV1@PBDH@Z
??1QByteArray@@QAE@XZ
??1QFileInfo@@QAE@XZ
?secsTo@QTime@@QBEHABV1@@Z
?qFree@@YAXPAX@Z
??4QString@@QAEAAV0@ABVQByteArray@@@Z
?readAllStandardOutput@QProcess@@QAE?AVQByteArray@@XZ
?indexOf@QString@@QBEHABV1@HW4CaseSensitivity@Qt@@@Z
?processEvents@QCoreApplication@@SAXV?$QFlags@W4ProcessEventsFlag@QEventLoop@@@@@Z
?shared_null@QString@@0UData@1@A
?start@QProcess@@QAEXABVQString@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QProcess@@QAE@PAVQObject@@@Z
?exists@QFileInfo@@QBE_NXZ
?singleShot@QTimer@@SAXHPAVQObject@@PBD@Z
??0QFileInfo@@QAE@ABVQString@@@Z
?applicationDirPath@QCoreApplication@@SA?AVQString@@XZ

msvcr90

_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_CxxThrowException
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy
_decode_pointer
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
__CxxFrameHandler3

kernel32

GetCommandLineW
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
InterlockedExchange

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a51b5770305bb9a8adced62b63480391

Headers

DLL Characteristics

File Characteristics

Imports

imfc0

qtgui4

qtcore4

msvcr90

kernel32

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 161KB - Virtual size: 164KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 161KB - Virtual size: 164KB