qbittorrent.pdb
Static task
static1
General
Target
qbittorrent.exe
Size
30.8MB
MD5
63aa994700be0b73d52bcb0fdfea099c
SHA1
bda9d034ebc1e4fe86159a5001f199e6e3f84028
SHA256
1cd057a98030e0cea6095a82470792da9940fb627c52391b2b1dc215d42dfc31
SHA512
7f4d3a526ec7bd64a7bb7208c87105336f62d87ed0f658bbd20584e8ae04f42dbd984a80cdd982b329775cfdf2e2eb57c40be43ee0cf54bec56f3f84f37e0b79
SSDEEP
393216:v6278nzoFmEPWQafMfy4QxcpufrmCod09cXUKHfrLwaPKFdu9CwJsv6t64Hc53F:v4aSaAr1n9Yx/rrE48F
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource qbittorrent.exe
Files
qbittorrent.exe.exe windows:6 windows x64 arch:x64
1b808774e915d7bae0ae17f2d54477d4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
uxtheme
GetThemeTransitionDuration
GetThemeInt
GetThemeEnumValue
GetThemePropertyOrigin
GetThemeColor
IsThemeBackgroundPartiallyTransparent
OpenThemeData
IsThemeActive
IsAppThemed
SetWindowTheme
CloseThemeData
ord47
GetThemeBool
GetCurrentThemeName
GetThemeMargins
GetThemeBackgroundRegion
GetThemePartSize
d3d11
D3D11CreateDevice
dxgi
CreateDXGIFactory1
CreateDXGIFactory2
dwrite
DWriteCreateFactory
gdi32
GetStockObject
CreateFontIndirectW
GetFontData
EnumFontFamiliesExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
AddFontResourceExW
RemoveFontResourceExW
CreateBitmap
GetOutlineTextMetricsW
GetCharWidthI
GetTextExtentPoint32W
SetGraphicsMode
SetWorldTransform
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetDIBits
SelectClipRgn
GetRegionData
GetCharABCWidthsI
GetCharABCWidthsW
SetTextColor
SetBkMode
GdiFlush
CreateDIBSection
CreateCompatibleDC
DeleteDC
SelectObject
DeleteObject
CombineRgn
CreateRectRgn
GetObjectW
GetBitmapBits
CreateCompatibleBitmap
CreateDCW
OffsetRgn
CreateSolidBrush
SetLayout
BitBlt
GetDeviceCaps
GetTextFaceW
ExtTextOutW
SetTextAlign
dwmapi
DwmEnableBlurBehindWindow
DwmGetWindowAttribute
DwmSetWindowAttribute
imm32
ImmNotifyIME
ImmReleaseContext
ImmGetOpenStatus
ImmAssociateContextEx
ImmAssociateContext
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetDefaultIMEWnd
ImmGetCompositionStringW
ImmGetVirtualKey
ImmGetContext
oleaut32
VariantInit
SysStringLen
GetErrorInfo
VariantClear
SysFreeString
SafeArrayCreateVector
SafeArrayPutElement
SysAllocString
SetErrorInfo
shlwapi
AssocQueryStringW
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
api-ms-win-shcore-scaling-l1-1-1
GetProcessDpiAwareness
GetDpiForMonitor
SetProcessDpiAwareness
comdlg32
GetOpenFileNameW
GetSaveFileNameW
d3d9
Direct3DCreate9
powrprof
SetSuspendState
wsock32
htonl
ntohs
WSASetLastError
WSAGetLastError
htons
setsockopt
inet_ntoa
getsockopt
connect
getsockname
listen
select
closesocket
bind
accept
__WSAFDIsSet
getpeername
ord1141
ord1142
socket
ntohl
WSACleanup
WSAStartup
iphlpapi
CancelMibChangeNotify2
NotifyUnicastIpAddressChange
ConvertInterfaceLuidToIndex
ConvertInterfaceIndexToLuid
ConvertInterfaceLuidToNameW
ConvertInterfaceLuidToGuid
ConvertInterfaceNameToLuidW
GetAdaptersAddresses
winhttp
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetDefaultProxyConfiguration
WinHttpOpen
WinHttpCloseHandle
secur32
ApplyControlToken
EncryptMessage
FreeContextBuffer
InitSecurityInterfaceW
DeleteSecurityContext
QueryContextAttributesW
AcquireCredentialsHandleW
FreeCredentialsHandle
DecryptMessage
AcceptSecurityContext
InitializeSecurityContextW
bcrypt
BCryptOpenAlgorithmProvider
BCryptDestroyKey
BCryptGenRandom
BCryptGenerateSymmetricKey
BCryptSetProperty
BCryptCloseAlgorithmProvider
BCryptDecrypt
BCryptEncrypt
crypt32
CertCloseStore
PFXImportCertStore
CertAddStoreToCollection
CertFindChainInStore
CertGetCertificateChain
CertVerifyTimeValidity
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertFreeCertificateChain
CertFindCertificateInStore
CertOpenStore
CertCreateCertificateContext
CertAddCertificateContextToStore
CertGetCertificateContextProperty
CertFreeCertificateContext
CertOpenSystemStoreW
CertOpenSystemStoreA
api-ms-win-core-synch-l1-2-0
WakeByAddressAll
WakeByAddressSingle
WaitOnAddress
mpr
WNetGetUniversalNameW
userenv
GetUserProfileDirectoryW
advapi32
CryptSetHashParam
AdjustTokenPrivileges
LookupPrivilegeValueW
GetUserNameW
InitiateSystemShutdownW
RegCloseKey
RegEnumKeyExW
RegFlushKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumValueW
RegCreateKeyExW
LookupAccountSidW
GetNamedSecurityInfoW
AddAccessAllowedAceEx
AddAccessDeniedAceEx
DuplicateToken
CopySid
SystemFunction036
GetSidSubAuthorityCount
GetSidSubAuthority
CryptDestroyKey
CryptGetUserKey
CryptAcquireContextW
CryptEnumProvidersW
CryptDecrypt
CryptExportKey
CryptCreateHash
OpenProcessToken
CryptDestroyHash
CryptSignHashW
CryptGetProvParam
CryptReleaseContext
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegNotifyChangeKeyValue
LookupAccountNameW
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
FreeSid
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
GetTokenInformation
InitializeSecurityDescriptor
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
authz
AuthzFreeResourceManager
AuthzInitializeContextFromSid
AuthzInitializeContextFromToken
AuthzFreeContext
AuthzAccessCheck
AuthzInitializeResourceManager
kernel32
FileTimeToSystemTime
MoveFileExW
MoveFileW
GetCurrentDirectoryW
GetLogicalDrives
SetErrorMode
SetFileTime
GetFileInformationByHandleEx
FlsSetValue
FlsGetValue
FlsAlloc
GetExitCodeThread
CloseThreadpoolWork
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
FindFirstFileExW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
FindFirstChangeNotificationW
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
LoadLibraryExW
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
InitOnceComplete
GetVolumePathNamesForVolumeNameW
TzSpecificLocalTimeToSystemTime
VirtualQuery
OpenFileMappingW
FindCloseChangeNotification
FindNextChangeNotification
SetConsoleCtrlHandler
GetConsoleOutputCP
ExitProcess
ExitThread
FreeLibraryAndExitThread
SystemTimeToTzSpecificLocalTime
GetCommandLineA
SetStdHandle
IsValidLocale
GetVolumeNameForVolumeMountPointW
GetDiskFreeSpaceExW
GetUserGeoID
GetGeoInfoW
CreateSemaphoreW
ReleaseSemaphore
K32GetModuleFileNameExW
FlsFree
InitializeCriticalSectionEx
GetTimeZoneInformation
InitializeSListHead
UnhandledExceptionFilter
EnumSystemLocalesW
SetEnvironmentVariableW
IsValidCodePage
GetOEMCP
WriteConsoleW
GetUserDefaultLocaleName
InitOnceBeginInitialize
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
RaiseException
RtlPcToFileHeader
SetFileAttributesW
GetLocaleInfoEx
VirtualAlloc
VirtualFree
HeapDestroy
CloseHandle
GetCurrentProcess
GetCurrentThread
SetThreadPriority
GetProcAddress
LoadLibraryW
LocalFree
FormatMessageA
FormatMessageW
WideCharToMultiByte
GetCurrentProcessId
GetLastError
ReleaseMutex
WaitForSingleObject
CreateMutexW
OpenMutexW
Sleep
WaitForMultipleObjects
RtlCaptureStackBackTrace
MultiByteToWideChar
GetDriveTypeW
GetVolumePathNameW
GetSystemDirectoryW
VerSetConditionMask
VerifyVersionInfoW
SetThreadExecutionState
GetVolumeInformationW
lstrcmpW
GetConsoleWindow
GetLongPathNameW
GetUserDefaultLangID
LocalAlloc
GetModuleHandleW
GetCurrentThreadId
WTSGetActiveConsoleSessionId
OpenProcess
CheckRemoteDebuggerPresent
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
ExpandEnvironmentStringsW
CreateProcessW
GlobalSize
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateFileW
UnmapViewOfFile
GetFileSize
CreateFileMappingW
MapViewOfFile
PostQueuedCompletionStatus
SetWaitableTimer
SetLastError
InitializeCriticalSectionAndSpinCount
GetQueuedCompletionStatus
CreateEventW
SetEvent
TerminateThread
QueueUserAPC
SleepEx
CreateIoCompletionPort
GetFileAttributesExW
CreateDirectoryW
RemoveDirectoryW
CreateHardLinkW
GetFileInformationByHandle
DeleteFileW
CopyFileW
ReadFile
FindFirstFileW
GetFileSizeEx
FindNextFileW
WriteFile
DeviceIoControl
SetEndOfFile
FindClose
LoadLibraryA
GetOverlappedResult
SetFilePointerEx
CreateEventA
CreateWaitableTimerA
GetACP
CancelIoEx
CancelIo
GetModuleHandleA
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
WaitForMultipleObjectsEx
WaitNamedPipeW
DisconnectNamedPipe
CreateNamedPipeW
ConnectNamedPipe
ResetEvent
GlobalFree
SystemTimeToFileTime
GetSystemTime
GetModuleHandleExW
DeleteFiber
SwitchToFiber
CreateFiber
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
GetStdHandle
GetEnvironmentVariableW
GetFileType
RtlVirtualUnwind
QueryPerformanceCounter
ConvertFiberToThread
ConvertThreadToFiber
FreeLibrary
SetConsoleMode
ReadConsoleA
GetConsoleMode
ReadConsoleW
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
HeapFree
GetFullPathNameW
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
UnlockFileEx
GetTempPathW
GetFileAttributesW
HeapValidate
HeapSize
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
HeapReAlloc
GetSystemInfo
HeapAlloc
HeapCompact
GetModuleFileNameW
UnlockFile
LockFileEx
GetProcessHeap
GetTickCount
FlushFileBuffers
CompareStringEx
GetNativeSystemInfo
IsProcessorFeaturePresent
TerminateProcess
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetExitCodeProcess
GetProcessId
GetLocalTime
DuplicateHandle
CreateThread
SwitchToThread
GetThreadPriority
ResumeThread
QueryPerformanceFrequency
CompareStringW
LCMapStringW
GetUserDefaultLCID
GetCurrencyFormatW
GetDateFormatW
GetTimeFormatW
GetUserPreferredUILanguages
SetThreadpoolWait
WaitForThreadpoolWaitCallbacks
CreateThreadpoolWait
CloseThreadpoolWait
PeekNamedPipe
netapi32
NetApiBufferFree
NetShareEnum
ole32
OleInitialize
CoGetMalloc
OleUninitialize
RegisterDragDrop
CoTaskMemFree
StringFromGUID2
CoCreateGuid
CoInitializeEx
CoUninitialize
DoDragDrop
CoCreateInstance
OleIsCurrentClipboard
OleSetClipboard
RevokeDragDrop
OleFlushClipboard
CoLockObjectExternal
CoGetApartmentType
CoGetObjectContext
OleGetClipboard
ReleaseStgMedium
CoCreateFreeThreadedMarshaler
user32
DestroyIcon
GetSystemMenu
EnableMenuItem
GetSysColor
GetSystemMetrics
SystemParametersInfoW
DestroyWindow
GetDesktopWindow
GetDC
ReleaseDC
MessageBoxW
CreateIconIndirect
GetIconInfo
DrawIconEx
SystemParametersInfoForDpi
IsWindow
GetCaretBlinkTime
GetDoubleClickTime
MessageBeep
UpdateLayeredWindowIndirect
DefWindowProcW
DestroyCursor
GetWindowLongPtrW
GetAncestor
GetCapture
GetClientRect
ClientToScreen
ScreenToClient
SetWindowLongPtrW
GetWindowPlacement
GetWindowRect
GetParent
IsWindowVisible
UpdateLayeredWindow
SetLayeredWindowAttributes
InvalidateRect
GetSystemMetricsForDpi
MonitorFromPoint
GetDpiForWindow
CreateWindowExW
SetWindowPos
AdjustWindowRectEx
AdjustWindowRectExForDpi
IsTouchWindow
SetWindowTextW
SetParent
ShowWindow
UnregisterTouchWindow
SetForegroundWindow
GetForegroundWindow
IsChild
GetWindow
SetWindowPlacement
IsIconic
MoveWindow
FillRect
GetUpdateRect
BeginPaint
EndPaint
AllowSetForegroundWindow
GetMenu
SetWindowRgn
GetWindowThreadProcessId
AttachThreadInput
SetFocus
SetCapture
PostMessageW
SetCursor
FlashWindowEx
SendMessageW
RegisterTouchWindow
GetKeyboardLayoutList
GetAwarenessFromDpiAwarenessContext
GetWindowDpiAwarenessContext
EnableNonClientDpiScaling
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
ShutdownBlockReasonDestroy
GetSysColorBrush
GetClassInfoW
LoadImageW
RegisterClassExW
UnregisterClassW
ChildWindowFromPointEx
WindowFromPoint
GetCursorPos
GetFocus
AddClipboardFormatListener
SetClipboardViewer
RemoveClipboardFormatListener
ChangeClipboardChain
IsHungAppWindow
RegisterClipboardFormatW
GetMessageW
GetPointerInfo
SendInput
GetDisplayConfigBufferSizes
QueryDisplayConfig
DisplayConfigGetDeviceInfo
GetMonitorInfoW
EnumDisplayMonitors
MonitorFromWindow
GetKeyboardLayout
RegisterWindowMessageW
FindWindowA
IsWindowEnabled
CreateCaret
ShowCaret
DestroyCaret
SetCaretPos
GetMenuItemInfoW
SetMenuItemInfoW
ModifyMenuW
RemoveMenu
InsertMenuW
AppendMenuW
CreateMenu
DestroyMenu
CreatePopupMenu
TrackPopupMenu
SetMenu
DrawMenuBar
ToUnicode
GetKeyboardState
ToAscii
IsZoomed
TrackPopupMenuEx
PeekMessageW
GetKeyState
MapVirtualKeyW
LoadIconW
GetClipboardFormatNameW
EnumDisplayDevicesW
CreateCursor
GetCursor
GetCursorInfo
SetCursorPos
LoadCursorW
GetAsyncKeyState
GetMessageExtraInfo
TrackMouseEvent
GetTouchInputInfo
CloseTouchInputHandle
GetPointerType
GetPointerFrameTouchInfo
GetPointerFrameTouchInfoHistory
GetPointerPenInfo
GetPointerPenInfoHistory
SkipPointerFrameMessages
GetPointerDeviceRects
ChangeWindowMessageFilterEx
GetProcessWindowStation
GetUserObjectInformationW
EnumWindows
PostThreadMessageW
CharNextExA
KillTimer
GetQueueStatus
SetTimer
RegisterClassW
SetCoalescableTimer
MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageW
UnregisterDeviceNotification
RegisterDeviceNotificationW
ShutdownBlockReasonCreate
SetProcessDpiAwarenessContext
ReleaseCapture
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
ws2_32
WSAHtonl
WSAAccept
WSAConnect
WSANtohs
getnameinfo
WSAIoctl
WSASendTo
WSARecvFrom
WSASend
WSASocketW
getaddrinfo
WSARecv
freeaddrinfo
WSAStringToAddressW
WSAAddressToStringW
WSAAsyncSelect
gethostname
WSANtohl
winmm
timeKillEvent
timeSetEvent
PlaySoundW
api-ms-win-core-winrt-string-l1-1-0
WindowsCreateStringReference
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
shell32
SHGetStockIconInfo
SHCreateItemFromParsingName
SHGetKnownFolderIDList
SHCreateItemFromIDList
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
Shell_NotifyIconGetRect
Shell_NotifyIconW
ShellExecuteExW
SHGetKnownFolderPath
CommandLineToArgvW
ord155
SHChangeNotify
ord727
ord190
SHOpenFolderAndSelectItems
ShellExecuteW
SHGetFileInfoW
dbgeng
DebugCreate
Exports
qt_startup_hook
Sections
.text Size: 17.8MB - Virtual size: 17.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11.4MB - Virtual size: 11.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 377KB - Virtual size: 498KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 661KB - Virtual size: 661KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmimed Size: 331KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 149KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ