9cd2a70af9fc85f7c6a0b0e83711b94f274c43b01ec0b32ead6b2277d809a4cc

Sharing

Copy URL Twitter E-mail

General

Target

9cd2a70af9fc85f7c6a0b0e83711b94f274c43b01ec0b32ead6b2277d809a4cc
Size

3.5MB
MD5

ae96bb61588f150a0d140be6b736ea66
SHA1

6163dcffc67f4820a4951b99da39121cc1458eed
SHA256

9cd2a70af9fc85f7c6a0b0e83711b94f274c43b01ec0b32ead6b2277d809a4cc
SHA512

b7c7fde13af732eb555836034bad33ae3c305ad9331c7caa4f9523ba91608df8a007bfbc70ac97921b677c1d8b9caa39836f091638a9a93ce5ff9d0088110b9b
SSDEEP

98304:na3QRIy3IoHDmHhf79ZZqAVUt0VGPVp7R:naARIy3IojefZq+XVqVd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9cd2a70af9fc85f7c6a0b0e83711b94f274c43b01ec0b32ead6b2277d809a4cc

Files

9cd2a70af9fc85f7c6a0b0e83711b94f274c43b01ec0b32ead6b2277d809a4cc
.exe .js windows:6 windows x86 arch:x86 polyglot

bbc744ba65b9e36baed3776d1eed15ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

qt5qml

??0QJSValue@@QAE@N@Z
?call@QJSValue@@QAE?AV1@ABV?$QList@VQJSValue@@@@@Z
?isCallable@QJSValue@@QBE_NXZ
?property@QJSValue@@QBE?AV1@ABVQString@@@Z
?toString@QJSValue@@QBE?AVQString@@XZ
?isObject@QJSValue@@QBE_NXZ
?isString@QJSValue@@QBE_NXZ
??0QJSValue@@QAE@ABVQString@@@Z
?staticMetaObject@QQmlApplicationEngine@@2UQMetaObject@@B
?setContextProperty@QQmlContext@@QAEXABVQString@@ABVQVariant@@@Z
?setContextProperty@QQmlContext@@QAEXABVQString@@PAVQObject@@@Z
?objectCreated@QQmlApplicationEngine@@QAEXPAVQObject@@ABVQUrl@@@Z
?load@QQmlApplicationEngine@@QAEXABVQUrl@@@Z
??1QQmlApplicationEngine@@UAE@XZ
??0QQmlApplicationEngine@@QAE@PAVQObject@@@Z
?rootContext@QQmlEngine@@QBEPAVQQmlContext@@XZ
??0RegisterSingletonFunctor@QQmlPrivate@@QAE@$$QAU01@@Z
??0RegisterSingletonFunctor@QQmlPrivate@@QAE@ABU01@@Z
??1RegisterSingletonFunctor@QQmlPrivate@@QAE@XZ
??0RegisterSingletonFunctor@QQmlPrivate@@QAE@XZ
??RRegisterSingletonFunctor@QQmlPrivate@@QAEPAVQObject@@PAVQQmlEngine@@PAVQJSEngine@@@Z
?qmlregister@QQmlPrivate@@YAHW4RegistrationType@1@PAX@Z
?qdeclarativeelement_destructor@QQmlPrivate@@YAXPAVQObject@@@Z
??0QJSValue@@QAE@ABV0@@Z
??1QJSValue@@QAE@XZ
??0QJSValue@@QAE@W4SpecialValue@0@@Z

qt5network

?error@QNetworkReply@@QBE?AW4NetworkError@1@XZ
?downloadProgress@QNetworkReply@@QAEX_J0@Z
?errorOccurred@QNetworkReply@@QAEXW4NetworkError@1@@Z
?finished@QNetworkReply@@QAEXXZ
?get@QNetworkAccessManager@@QAEPAVQNetworkReply@@ABVQNetworkRequest@@@Z
??1QNetworkAccessManager@@UAE@XZ
??0QNetworkAccessManager@@QAE@PAVQObject@@@Z
?setPeerVerifyMode@QSslConfiguration@@QAEXW4PeerVerifyMode@QSslSocket@@@Z
??1QSslConfiguration@@QAE@XZ
?setSslConfiguration@QNetworkRequest@@QAEXABVQSslConfiguration@@@Z
?sslConfiguration@QNetworkRequest@@QBE?AVQSslConfiguration@@XZ
?setAttribute@QNetworkRequest@@QAEXW4Attribute@1@ABVQVariant@@@Z
??1QNetworkRequest@@QAE@XZ
??0QNetworkRequest@@QAE@ABVQUrl@@@Z
?allInterfaces@QNetworkInterface@@SA?AV?$QList@VQNetworkInterface@@@@XZ
?hardwareAddress@QNetworkInterface@@QBE?AVQString@@XZ
?flags@QNetworkInterface@@QBE?AV?$QFlags@W4InterfaceFlag@QNetworkInterface@@@@XZ
?isValid@QNetworkInterface@@QBE_NXZ
??1QNetworkInterface@@QAE@XZ
??0QNetworkInterface@@QAE@ABV0@@Z
?staticMetaObject@QNetworkReply@@2UQMetaObject@@B

qt5gui

?setText@QClipboard@@QAEXABVQString@@W4Mode@1@@Z
?text@QClipboard@@QBE?AVQString@@W4Mode@1@@Z
?clipboard@QGuiApplication@@SAPAVQClipboard@@XZ
?addApplicationFont@QFontDatabase@@SAHABVQString@@@Z
??0QGuiApplication@@QAE@AAHPAPADH@Z
??0QFont@@QAE@ABVQString@@HH_N@Z
?exec@QGuiApplication@@SAHXZ
?setFont@QGuiApplication@@SAXABVQFont@@@Z
??1QGuiApplication@@UAE@XZ
??1QFont@@QAE@XZ

qt5core

?qResourceFeatureZlib@@YAEXZ
?qUnregisterResourceData@@YA_NHPBE00@Z
?qRegisterResourceData@@YA_NHPBE00@Z
??8@YA_NABVQString@@0@Z
?instance@QCoreApplication@@SAPAV1@XZ
?inherits@QObject@@QBE_NPBD@Z
?removeEventFilter@QObject@@QAEXPAV1@@Z
?installEventFilter@QObject@@QAEXPAV1@@Z
?absolutePath@QFileInfo@@QBE?AVQString@@XZ
?absoluteFilePath@QFileInfo@@QBE?AVQString@@XZ
?setFile@QFileInfo@@QAEXABVQString@@@Z
??1QFileInfo@@QAE@XZ
??0QFileInfo@@QAE@XZ
?rename@QFile@@QAE_NABVQString@@@Z
?write@QIODevice@@QAE_JABVQByteArray@@@Z
?isOpen@QIODevice@@QBE_NXZ
?killTimer@QObject@@QAEXH@Z
?startTimer@QObject@@QAEHHW4TimerType@Qt@@@Z
?number@QString@@SA?AV1@NDH@Z
?arg@QString@@QBE?AV1@HHHVQChar@@@Z
?staticMetaObject@QIODevice@@2UQMetaObject@@B
?shared_null@QListData@@2UData@1@B
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?setPermissions@QFile@@UAE_NV?$QFlags@W4Permission@QFileDevice@@@@@Z
?permissions@QFile@@UBE?AV?$QFlags@W4Permission@QFileDevice@@@@XZ
?resize@QFile@@UAE_N_J@Z
?size@QFile@@UBE_JXZ
?fileName@QFile@@UBE?AVQString@@XZ
?qt_metacall@QFile@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QFile@@UAEPAXPBD@Z
?metaObject@QFile@@UBEPBUQMetaObject@@XZ
?readLineData@QFileDevice@@MAE_JPAD_J@Z
?writeData@QFileDevice@@MAE_JPBD_J@Z
?normalizedType@QMetaObject@@SA?AVQByteArray@@PBD@Z
?activate@QMetaObject@@SAXPAVQObject@@PBU1@HPAPAX@Z
??1QByteArray@@QAE@XZ
??0QString@@QAE@ABV0@@Z
??1QString@@QAE@XZ
??4QString@@QAEAAV0@$$QAV0@@Z
?registerNormalizedType@QMetaType@@SAHABVQByteArray@@P6AXPAX@ZP6APAX1PBX@ZHV?$QFlags@W4TypeFlag@QMetaType@@@@PBUQMetaObject@@@Z
?registerNormalizedTypedef@QMetaType@@SAHABVQByteArray@@H@Z
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?qt_metacast@QObject@@UAEPAXPBD@Z
?qt_metacall@QObject@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?staticMetaObject@QObject@@2UQMetaObject@@B
?qBadAlloc@@YAXXZ
?qputenv@@YA_NPBDABVQByteArray@@@Z
??0QChar@@QAE@UQLatin1Char@@@Z
??0QByteArray@@QAE@XZ
??0QByteArray@@QAE@PBDH@Z
?reserve@QByteArray@@QAEXH@Z
?append@QByteArray@@QAEAAV1@D@Z
?append@QByteArray@@QAEAAV1@PBD@Z
??0QString@@QAE@XZ
?arg@QString@@QBE?AV1@ABV1@HVQChar@@@Z
?toLower@QString@@QGBE?AV1@XZ
?fromAscii_helper@QString@@CAPAU?$QTypedArrayData@G@@PBDH@Z
?className@QMetaObject@@QBEPBDXZ
??1Connection@QMetaObject@@QAE@XZ
?detach@QListData@@QAEPAUData@1@H@Z
?dispose@QListData@@SAXPAUData@1@@Z
?begin@QListData@@QBEPAPAXXZ
?end@QListData@@QBEPAPAXXZ
??1QObject@@UAE@XZ
?connectImpl@QObject@@CA?AVConnection@QMetaObject@@PBV1@PAPAX01PAVQSlotObjectBase@QtPrivate@@W4ConnectionType@Qt@@PBHPBU3@@Z
?setAttribute@QCoreApplication@@SAXW4ApplicationAttribute@Qt@@_N@Z
?exit@QCoreApplication@@SAXH@Z
??1QVariant@@QAE@XZ
??0QVariant@@QAE@PBD@Z
??0QVariant@@QAE@ABVQString@@@Z
??0QUrl@@QAE@ABV0@@Z
??0QUrl@@QAE@ABVQString@@W4ParsingMode@0@@Z
??1QUrl@@QAE@XZ
??8QUrl@@QBE_NABV0@@Z
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
?readAll@QIODevice@@QAE?AVQByteArray@@XZ
??1QJsonValue@@QAE@XZ
?toString@QJsonValue@@QBE?AVQString@@XZ
??1QJsonDocument@@QAE@XZ
?fromJson@QJsonDocument@@SA?AV1@ABVQByteArray@@PAUQJsonParseError@@@Z
?object@QJsonDocument@@QBE?AVQJsonObject@@XZ
??1QJsonObject@@QAE@XZ
?value@QJsonObject@@QBE?AVQJsonValue@@ABVQString@@@Z
?close@QFileDevice@@UAEXXZ
??0QFile@@QAE@ABVQString@@@Z
??1QFile@@UAE@XZ
?open@QFile@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
??4QString@@QAEAAV0@ABV0@@Z
?mid@QString@@QBE?AV1@HH@Z
?append@QString@@QAEAAV1@ABV1@@Z
?prepend@QString@@QAEAAV1@ABV1@@Z
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?dispose@QListData@@QAEXXZ
?append@QListData@@QAEPAPAXXZ
??0QObject@@QAE@PAV0@@Z
?deleteLater@QObject@@QAEXXZ
?isValid@QUrl@@QBE_NXZ
?fileName@QUrl@@QBE?AVQString@@V?$QFlags@W4ComponentFormattingOption@QUrl@@@@@Z
??0QVariant@@QAE@_N@Z
?readData@QFileDevice@@MAE_JPAD_J@Z
?exists@QFile@@SA_NABVQString@@@Z
?remove@QFile@@SA_NABVQString@@@Z
?applicationDirPath@QCoreApplication@@SA?AVQString@@XZ
??0QDir@@QAE@ABVQString@@@Z
??1QDir@@QAE@XZ
?mkdir@QDir@@QBE_NABVQString@@@Z
?exists@QDir@@QBE_NABVQString@@@Z
??0QStorageInfo@@QAE@ABVQString@@@Z
??1QStorageInfo@@QAE@XZ
?bytesAvailable@QStorageInfo@@QBE_JXZ
?reset@QIODevice@@UAE_NXZ
?bytesAvailable@QIODevice@@UBE_JXZ
?bytesToWrite@QIODevice@@UBE_JXZ
?canReadLine@QIODevice@@UBE_NXZ
?waitForReadyRead@QIODevice@@UAE_NH@Z
?waitForBytesWritten@QIODevice@@UAE_NH@Z
?isSequential@QFileDevice@@UBE_NXZ
?pos@QFileDevice@@UBE_JXZ
?seek@QFileDevice@@UAE_N_J@Z
?atEnd@QFileDevice@@UBE_NXZ
?readyRead@QIODevice@@QAEXXZ

vcruntime140

__std_exception_destroy
__current_exception
__current_exception_context
memset
__std_exception_copy
memcpy
_CxxThrowException
__std_terminate
__CxxFrameHandler3
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_register_thread_local_exe_atexit_callback
_cexit
_controlfp_s
_register_onexit_function
_c_exit
_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
terminate
_set_app_type
_seh_filter_exe

api-ms-win-crt-heap-l1-1-0

_set_new_mode
_callnewh
malloc
free

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

kernel32

CloseHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CreateEventW
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCommandLineW
LocalFree
WideCharToMultiByte

shell32

CommandLineToArgvW

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbc744ba65b9e36baed3776d1eed15ca

Headers

DLL Characteristics

File Characteristics

Imports

qt5qml

qt5network

qt5gui

qt5core

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

kernel32

shell32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 3.2MB - Virtual size: 3.2MB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 194KB - Virtual size: 194KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 3.2MB - Virtual size: 3.2MB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 194KB - Virtual size: 194KB

.reloc
Size: 4KB - Virtual size: 3KB