Static task
static1
Behavioral task
behavioral1
Sample
e07325578dce6ebd22081d5cd27081fa.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e07325578dce6ebd22081d5cd27081fa.exe
Resource
win10v2004-20240226-en
General
-
Target
e07325578dce6ebd22081d5cd27081fa
-
Size
346KB
-
MD5
e07325578dce6ebd22081d5cd27081fa
-
SHA1
2e038687c14956dbfd23d46ec9f8ab83637128f7
-
SHA256
8e658856787c2f6a33e5c28522f7e8da1e6169e7e9d369fe5f026a6c719a7fbc
-
SHA512
5aa119eec3204075a8d77f1ca95ebe2aebdbc90bdf5a62505ec247e624ce26812ddfbe89badd551f05b66b32c18eb7af967c9393c5ad2e0fbc5ff3df43f78727
-
SSDEEP
6144:A3YOcMVLsxq70IZioUgOEmj+u+4+9TQ+NOhDhVhEcrcd9v8ZEc1w8acRZBvn50ON:AIOcMVP0IYSbIgHqt
Malware Config
Signatures
-
Unsigned PE 1 IoCs
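Checks for missing Authenticode signature. The sample carries no Authenticode signature; many legitimate unsigned builds match this check too, so treat it as a weak indicator on its own.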
resource e07325578dce6ebd22081d5cd27081fa
Files
-
e07325578dce6ebd22081d5cd27081fa.exe windows:4 windows x86 arch:x86
74499643270a7ac3e90bb917a33bd76a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
qtcore4
_Z11qt_assert_xPKcS0_S0_i
_Z5qFreePv
_Z8qMemCopyPvPKvj
_Z8qWarningPKcz
_Z9qBadAllocv
_Z9qt_assertPKcS0_i
_ZN10QByteArray11shared_nullE
_ZN10QByteArrayC1EPKc
_ZN11QTextStreamC1EP9QIODevice
_ZN11QTextStreamD1Ev
_ZN11QTextStreamlsERK7QString
_ZN16QCoreApplication9argumentsEv
_ZN16QCoreApplicationC1ERiPPc
_ZN16QCoreApplicationD1Ev
_ZN5QFile4openE6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN5QFile5closeEv
_ZN5QFileC1ERK7QString
_ZN5QFileD1Ev
_ZN7QBuffer4openE6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN7QBufferC1EP10QByteArrayP7QObject
_ZN7QBufferD1Ev
_ZN7QString11shared_nullE
_ZN7QString16codecForCStringsE
_ZN7QString16fromAscii_helperEPKci
_ZN7QString4freeEPNS_4DataE
_ZN7QString9fromAsciiEPKci
_ZN7QStringaSERKS_
_ZN9QHashData11free_helperEPFvPNS_4NodeEE
_ZN9QHashData11shared_nullE
_ZN9QHashData12allocateNodeEi
_ZN9QHashData14detach_helper2EPFvPNS_4NodeEPvEPFvS1_Eii
_ZN9QHashData6rehashEi
_ZN9QIODevice4readEPcx
_ZN9QIODevice5writeEPKcx
_ZN9QIODevice9ungetCharEc
_ZN9QListData11detach_growEPii
_ZN9QListData11shared_nullE
_ZN9QListData6appendEv
_ZN9QListData6detachEi
_ZNK7QString11toLocal8BitEv
_ZNK7QString3argERKS_iRK5QChar
_ZNK7QString5toIntEPbi
_ZNK7QString8endsWithERKS_N2Qt15CaseSensitivityE
_ZNK7QStringeqERK13QLatin1String
_ZNK7QStringeqERKS_
qtgui4
_ZN15QImageIOHandler5writeERK6QImage
_ZN15QImageIOHandler9setDeviceEP9QIODevice
_ZN15QImageIOHandler9setOptionENS_11ImageOptionERK8QVariant
_ZN15QImageIOHandlerC2Ev
_ZN15QImageIOHandlerD2Ev
_ZN6QImage12invertPixelsENS_10InvertModeE
_ZN6QImage12setNumColorsEi
_ZN6QImage15setAlphaChannelERKS_
_ZN6QImage4fillEj
_ZN6QImage4loadERK7QStringPKc
_ZN6QImage8scanLineEi
_ZN6QImage8setColorEij
_ZN6QImage8setPixelEiij
_ZN6QImageC1ERKS_
_ZN6QImageC1EiiNS_6FormatE
_ZN6QImageC1Ev
_ZN6QImageD1Ev
_ZN6QImageaSERKS_
_ZN8QPainter9drawImageERK7QPointFRK6QImage
_ZN8QPainter9translateERK7QPointF
_ZN8QPainterC1EP12QPaintDevice
_ZN8QPainterD1Ev
_ZNK15QImageIOHandler14nextImageDelayEv
_ZNK15QImageIOHandler14supportsOptionENS_11ImageOptionE
_ZNK15QImageIOHandler16currentImageRectEv
_ZNK15QImageIOHandler18currentImageNumberEv
_ZNK15QImageIOHandler6deviceEv
_ZNK15QImageIOHandler6optionENS_11ImageOptionE
_ZNK15QImageIOHandler9loopCountEv
_ZNK15QImageIOHandler9setFormatERK10QByteArray
_ZNK6QImage12bytesPerLineEv
_ZNK6QImage15convertToFormatENS_6FormatE6QFlagsIN2Qt19ImageConversionFlagEE
_ZNK6QImage15createAlphaMaskE6QFlagsIN2Qt19ImageConversionFlagEE
_ZNK6QImage15hasAlphaChannelEv
_ZNK6QImage4sizeEv
_ZNK6QImage5widthEv
_ZNK6QImage6heightEv
_ZNK6QImage6isNullEv
_ZNK6QImage6scaledERK5QSizeN2Qt15AspectRatioModeENS3_18TransformationModeE
kernel32
CloseHandle
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeLibrary
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
msvcrt
_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
_winmajor
abort
atexit
calloc
exit
fprintf
fputc
fputs
free
fwrite
malloc
memcpy
realloc
signal
sprintf
strcmp
strcpy
vfprintf
libgcc_s_dw2-1
_Unwind_DeleteException
_Unwind_GetDataRelBase
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__deregister_frame_info
__emutls_get_address
__register_frame_info
Sections
.text Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
/4 Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 268B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
/14 Size: 1KB - Virtual size: 1KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/29 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/45 Size: 75KB - Virtual size: 74KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/57 Size: 12KB - Virtual size: 11KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/71 Size: 13KB - Virtual size: 13KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/83 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/96 Size: 2KB - Virtual size: 1KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/107 Size: 26KB - Virtual size: 25KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/118 Size: 6KB - Virtual size: 6KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ