qwertick[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

qwertick.exe
Size

33KB
MD5

ba02f98166f1fd960d1371b74f4bb367
SHA1

071f273811f018da9800d9fcc45d6aed057752a8
SHA256

ce60cf3e7ff7c021b54921d9baa7bd4418bc078e9ca815b74bf80b0b95404025
SHA512

49b191cffa0f0dda11e34338ef2d54994ac665af046679d10277979a1026e04bc0d5ba12d76073e415c14d2d8cb0072e17799c007bb1caa1008c8416928bfcf2
SSDEEP

768:cglsgOVwhDt1j38UiY0mZM6UKQTqThTwfVJRX0lyPGXOyyfgfRu:cggw31j38U8m0Kh9kfVDnPyyY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
qwertick.exe

Files

qwertick.exe
.exe windows:4 windows x86 arch:x86

fd90b4ca7b394daf52034fdba96e9d8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostMessageA
GetClassInfoA
IsDlgButtonChecked
DefDlgProcA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
SetWindowTextA
FlashWindow
FindWindowA
PostQuitMessage
DialogBoxParamA
FillRect
DestroyIcon
KillTimer
RegisterClassA
LoadBitmapA
LoadIconA
SetTimer
DestroyWindow
MessageBeep
GetClientRect
UnregisterClassA
CreateWindowExA
GetDlgItem
EndDialog
SetWindowPos
ShowWindow
GetCursorPos

gdi32

CreateRoundRectRgn
CreateCompatibleDC
SelectObject
DeleteObject
SetBkMode
DeleteDC
CreateSolidBrush
SetTextColor
FillRgn
BitBlt

shell32

Shell_NotifyIconA

winmm

PlaySoundA

kernel32

lstrcpynA
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetProcessHeap
HeapAlloc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ