PDB Paths: C:\dev\proj\quicktech\agent\agent\build\pdb\1.0.1.3579\vc17-x64_Release\QuicktechDownloader\Release\QuicktechDownloader.pdb
Static task
static1
Behavioral task
behavioral1
Sample
Active.quicktech.com (4).exe
Resource
win10-20240404-en
General
Target: Active.quicktech.com (4).exe
Size: 7.2MB
MD5: 1d739034e2dedde157c750e91ff1462f
SHA1: a22e07055e5f8810887fbd1e817819d2f64aa648
SHA256: 309772950e7400560d47ec30081333902d0e33f4faee3dfa99bb89ac833f6822
SHA512: 95d6d8690dd995b9b8a7a1534fd840197f01f37c065985b22595c0617e41366d5af9ec020d73c96db77fb59350fc2729cf80c384de34fb50861c94bd8a9b0f56
SSDEEP: 98304:Eb+E78YFs+GMI2ZQq/moGB5Bo4KcuG3BU/MfW2:KH93I2ZQq/moGB524UG3BU/Me
Malware Config
Signatures
Unsigned PE (1 IoCs): checks for missing Authenticode signature.
resource: Active.quicktech.com (4).exe
Files
Active.quicktech.com (4).exe.exe (windows:6 windows x64 arch:x64)
586f5291614fc90d7aa62d7338f7ee13
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA, IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
iphlpapi
GetAdaptersInfo
kernel32
ResetEvent
OpenEventA
WaitForSingleObjectEx
LoadLibraryExW
IsBadStringPtrA
IsBadReadPtr
FindNextFileW
GetLocaleInfoW
GetACP
RtlCaptureContext
QueryPerformanceFrequency
QueryPerformanceCounter
ExpandEnvironmentStringsW
CreateThread
PeekNamedPipe
WriteFile
ReadFile
GetTempFileNameW
GetLongPathNameW
FindFirstFileW
FindClose
CopyFileW
GetFileType
GetFileAttributesW
CreateFileW
SetCurrentDirectoryW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetExitCodeThread
GetCurrentThread
RaiseException
OutputDebugStringW
GetTempPathW
GetCommandLineW
GetCPInfo
IsValidCodePage
LockResource
GetNativeSystemInfo
GetVersionExW
TerminateProcess
GetCurrentProcessId
IsDebuggerPresent
GetEnvironmentVariableW
MultiByteToWideChar
SetErrorMode
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
GetFileAttributesExW
GetCommandLineA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
FlushFileBuffers
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
GetFileInformationByHandle
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LoadLibraryA
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
RtlVirtualUnwind
GlobalSize
GlobalAlloc
LoadLibraryW
FreeLibrary
GetCurrentThreadId
ExitProcess
MulDiv
ReadConsoleOutputCharacterA
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterW
WriteConsoleW
WriteConsoleA
AttachConsole
FreeConsole
ConvertFiberToThread
GetModuleHandleExW
DeleteFiber
SystemTimeToFileTime
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetSystemTime
GetFullPathNameW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetStdHandle
GetTimeZoneInformation
GetConsoleOutputCP
FreeLibraryAndExitThread
ExitThread
SetConsoleCtrlHandler
RtlUnwind
InterlockedPushEntrySList
RtlUnwindEx
GetStdHandle
GetModuleFileNameW
GetExitCodeProcess
GetCurrentProcess
FindResourceW
SizeofResource
SetEndOfFile
SetFilePointerEx
MoveFileExW
AreFileApisANSI
SetEnvironmentVariableW
RtlPcToFileHeader
GetLocaleInfoEx
FindFirstFileExW
SetFileInformationByHandle
GetFileInformationByHandleEx
LoadResource
GetStringTypeW
EncodePointer
LCMapStringEx
CompareStringEx
InitializeSListHead
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetLastError
DecodePointer
CloseHandle
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
PostQueuedCompletionStatus
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
SetEvent
CreateEventA
LocalFree
FormatMessageA
FormatMessageW
WideCharToMultiByte
SetLastError
CreateIoCompletionPort
GetQueuedCompletionStatus
InitializeCriticalSectionAndSpinCount
GetProcAddress
WaitForSingleObject
SleepEx
CreateEventW
SetWaitableTimer
Sleep
WaitForMultipleObjects
QueueUserAPC
TerminateThread
InitializeCriticalSection
GetDriveTypeW
GetLogicalDriveStringsW
GetVolumeInformationW
GetModuleHandleW
GetStartupInfoW
gdi32
DeleteDC
CreateCompatibleDC
EndPage
StartPage
EndDoc
StartDocW
SetAbortProc
EnumFontFamiliesExW
GetSystemPaletteEntries
PlayEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileW
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
CreateDCW
SetDIBColorTable
GetDIBColorTable
CreateDIBSection
GetDIBits
CreateDIBitmap
SetViewportOrgEx
CreateICW
GetTextExtentExPointW
GetCharABCWidthsW
CreateRectRgnIndirect
CreateSolidBrush
CreatePatternBrush
CreateHatchBrush
GetTextExtentPoint32W
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
RectInRegion
PtInRegion
GetRgnBox
EqualRgn
CombineRgn
CreateBitmapIndirect
CreateBitmap
ExtCreatePen
CreatePen
SetWindowOrgEx
SetWindowExtEx
SetViewportExtEx
PolyBezier
Polyline
Polygon
LPtoDP
DPtoLP
CreatePolygonRgn
ModifyWorldTransform
SetWorldTransform
GetWorldTransform
SetStretchBltMode
SetROP2
StretchDIBits
StretchBlt
SetPolyFillMode
SetPixel
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
ExtSelectClipRgn
SelectClipRgn
RoundRect
Rectangle
PolyPolygon
Pie
MaskBlt
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetGraphicsMode
GetClipBox
ExtFloodFill
CreateFontIndirectW
DeleteObject
GetDeviceCaps
GetOutlineTextMetricsW
SelectObject
GetTextMetricsW
CreateRectRgn
ExcludeClipRect
RealizePalette
SelectPalette
SetBrushOrgEx
GdiFlush
ExtCreateRegion
GetRegionData
OffsetRgn
SetBkColor
SetBkMode
SetTextColor
GetObjectW
GetBkColor
LineTo
MoveToEx
ExtTextOutW
Arc
BitBlt
CreateCompatibleBitmap
Ellipse
comdlg32
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
PrintDlgW
PageSetupDlgW
ChooseFontW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetPrinterW
shell32
ExtractIconW
CommandLineToArgvW
ExtractIconExW
ord6
SHGetFileInfoW
SHGetFolderPathW
DragAcceptFiles
DragQueryPoint
DragFinish
ShellExecuteExW
DragQueryFileW
shlwapi
SHAutoComplete
comctl32
ord17
ord16
ImageList_Create
ImageList_Destroy
ImageList_GetImageCount
ImageList_Add
ImageList_SetBkColor
ImageList_Draw
ImageList_Replace
ImageList_GetImageInfo
ImageList_GetIconSize
rpcrt4
RpcStringFreeW
UuidToStringW
oleacc
LresultFromObject
uxtheme
GetThemeSysColor
GetThemeSysFont
GetThemePartSize
GetThemeBackgroundExtent
GetCurrentThemeName
IsThemePartDefined
SetWindowTheme
GetThemeInt
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeBackgroundContentRect
IsThemeBackgroundPartiallyTransparent
GetThemeColor
DrawThemeParentBackground
IsThemeActive
IsAppThemed
GetThemeMargins
GetThemeFont
crypt32
CertFindCertificateInStore
CertCloseStore
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertOpenStore
CertFreeCertificateContext
CertEnumCertificatesInStore
user32
DestroyCursor
CreateIconIndirect
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
GetDoubleClickTime
GetCaretBlinkTime
GetMenuState
CreateMenu
CreatePopupMenu
DestroyMenu
GetSubMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
SetMenuInfo
InsertMenuItemW
SetMenuItemInfoW
ValidateRgn
SetRectEmpty
IsRectEmpty
GetWindowDC
BeginPaint
EndPaint
UnionRect
GetDesktopWindow
DrawStateW
GetComboBoxInfo
IsMenu
keybd_event
HideCaret
ChildWindowFromPoint
DrawEdge
DrawFrameControl
CheckMenuItem
GetMenuItemID
GetSysColorBrush
CheckMenuRadioItem
RegisterClipboardFormatW
GetClipboardFormatNameW
ChangeDisplaySettingsExW
EnumDisplaySettingsW
MonitorFromPoint
EnumDisplayMonitors
IsClipboardFormatAvailable
wsprintfW
MsgWaitForMultipleObjects
SetTimer
KillTimer
DdeInitializeW
DdeUninitialize
DdeConnect
DdeDisconnect
DdePostAdvise
DdeNameService
DdeClientTransaction
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeGetLastError
DdeCreateStringHandleW
DdeQueryStringW
DdeFreeStringHandle
GetProcessWindowStation
GetUserObjectInformationW
GetWindowPlacement
SetWindowRgn
GetDlgItem
GetMessageW
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
IsDialogMessageW
CallNextHookEx
FindWindowExW
SetWindowsHookExW
GetWindow
SetParent
GetParent
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
PtInRect
InflateRect
FillRect
GetSysColor
ChildWindowFromPointEx
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
SetWindowTextW
EnableScrollBar
ScrollWindow
RedrawWindow
InvalidateRect
GetUpdateRgn
UpdateWindow
GetMenuItemInfoW
TrackPopupMenu
GetMenuItemCount
GetSystemMetrics
IsWindowEnabled
EnableWindow
ReleaseCapture
SetCapture
GetCapture
MapVirtualKeyW
VkKeyScanW
GetAsyncKeyState
GetFocus
GetActiveWindow
SetFocus
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
MoveWindow
AnimateWindow
ShowWindow
DestroyWindow
IsWindow
CreateWindowExW
CallWindowProcW
PostQuitMessage
DefWindowProcW
GetMessagePos
UnregisterHotKey
RegisterHotKey
PeekMessageW
DispatchMessageW
TranslateMessage
ReleaseDC
GetDC
DestroyIcon
GetWindowRect
SetMenu
PostMessageW
SendMessageW
RegisterWindowMessageW
LoadCursorW
GetProcessDefaultLayout
MessageBoxW
GetKeyState
RegisterClassW
GetClassNameW
SetRect
MessageBeep
UnregisterClassW
GetWindowTextLengthW
GetWindowTextW
GetIconInfo
LoadImageW
LoadIconW
LoadBitmapW
DrawFocusRect
DrawTextW
SetForegroundWindow
DrawIconEx
ValidateRect
UnhookWindowsHookEx
PostThreadMessageW
EnableMenuItem
GetSystemMenu
DrawMenuBar
GetDialogBaseUnits
CreateDialogIndirectParamW
IsZoomed
BringWindowToTop
IsIconic
FlashWindowEx
SetLayeredWindowAttributes
GetMonitorInfoW
MonitorFromWindow
OffsetRect
CreateDialogParamW
CopyRect
SetWindowLongPtrW
GetMessageTime
advapi32
RegCloseKey
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegSetValueExW
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
GetUserNameW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegQueryValueExW
RegOpenKeyExW
ws2_32
WSAIoctl
WSAGetLastError
WSASetLastError
setsockopt
select
listen
htonl
getsockopt
ioctlsocket
connect
closesocket
bind
accept
__WSAFDIsSet
WSACleanup
WSAStartup
WSASocketW
getaddrinfo
freeaddrinfo
recv
send
WSARecv
getsockname
WSASend
ole32
CoCreateInstance
CoTaskMemFree
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoTaskMemAlloc
OleUninitialize
CoUninitialize
CoInitializeEx
OleSetClipboard
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
ReleaseStgMedium
msimg32
AlphaBlend
GradientFill
bcrypt
BCryptGenRandom
Exports
??0?$codecvt_null@_W@archive@boost@@QEAA@_K@Z
??0?$oserializer@Vtext_oarchive@archive@boost@@VClientSettings@types@qnet@quicktech@@@detail@archive@boost@@QEAA@XZ
??0?$singleton@V?$extended_type_info_typeid@UOneTimeSettings@types@qnet@quicktech@@@serialization@boost@@@serialization@boost@@IEAA@XZ
??0?$singleton@V?$extended_type_info_typeid@VClientSettings@types@qnet@quicktech@@@serialization@boost@@@serialization@boost@@IEAA@XZ
??1?$codecvt_null@_W@archive@boost@@UEAA@XZ
??_F?$codecvt_null@_W@archive@boost@@QEAAXXZ
?do_always_noconv@?$codecvt_null@_W@archive@boost@@EEBA_NXZ
?do_encoding@?$codecvt_null@_W@archive@boost@@EEBAHXZ
?do_in@?$codecvt_null@_W@archive@boost@@EEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?do_max_length@?$codecvt_null@_W@archive@boost@@EEBAHXZ
?do_out@?$codecvt_null@_W@archive@boost@@EEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UOneTimeSettings@types@qnet@quicktech@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@UOneTimeSettings@types@qnet@quicktech@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@VClientSettings@types@qnet@quicktech@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VClientSettings@types@qnet@quicktech@@@23@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_iarchive@archive@boost@@UOneTimeSettings@types@qnet@quicktech@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vtext_iarchive@archive@boost@@UOneTimeSettings@types@qnet@quicktech@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_iarchive@archive@boost@@VClientSettings@types@qnet@quicktech@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vtext_iarchive@archive@boost@@VClientSettings@types@qnet@quicktech@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEBV?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_const_instance@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEBV?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?get_const_instance@?$singleton@V?$oserializer@Vtext_oarchive@archive@boost@@VClientSettings@types@qnet@quicktech@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vtext_oarchive@archive@boost@@VClientSettings@types@qnet@quicktech@@@detail@archive@3@XZ
?get_lock@singleton_module@serialization@boost@@AEAAAEA_NXZ
?get_mutable_instance@?$singleton@V?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEAV?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_mutable_instance@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEAV?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?is_destroyed@?$singleton@V?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?is_locked@singleton_module@serialization@boost@@QEAA_NXZ
?load_object_data@?$iserializer@Vtext_iarchive@archive@boost@@UOneTimeSettings@types@qnet@quicktech@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z
?load_object_data@?$iserializer@Vtext_iarchive@archive@boost@@VClientSettings@types@qnet@quicktech@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z
?lock@?1??get_lock@singleton_module@serialization@boost@@AEAAAEA_NXZ@4_NA
?lock@singleton_module@serialization@boost@@QEAAXXZ
?save_object_data@?$oserializer@Vtext_oarchive@archive@boost@@VClientSettings@types@qnet@quicktech@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z
?unlock@singleton_module@serialization@boost@@QEAAXXZ
Sections
.text   Size: 4.9MB  Virtual size: 4.9MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 1.8MB  Virtual size: 1.8MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 121KB  Virtual size: 322KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.pdata  Size: 206KB  Virtual size: 205KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
_RDATA  Size: 512B   Virtual size: 500B   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc   Size: 25KB   Virtual size: 24KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 111KB  Virtual size: 111KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ