Screenshot[.]jpg

Sharing

Copy URL Twitter E-mail

General

Target

Screenshot.jpg
Size

45KB
MD5

dba35d31c2b6797c8a4d38ae27d68e6e
SHA1

37948e71dc758964e0aa19aee063b50ef87a7290
SHA256

086d6ba24f34a269856c4e0159a860657590d05aabb2530247e685543b34c52f
SHA512

282e7613fe445785fa5ed345415bc008637b7d1d7988cc6da715b024311a1c29425f5edb26a1d90f301af408b60244dd81e1459eef2aab10b07d1ac352770b4b
SSDEEP

768:B+B5mIpDC6s1Hf30HdG806zHgaEsyJa5gYnDGMHgtpQu8KOqfyc:UB5mTfEHdh0GHga9nDGigvQu8K/J

Score

1^/10

Malware Config

Signatures

Files

Screenshot.jpg
.dll windows:6 windows x86 arch:x86

9043a0459baa7e86a8246f1ef2c4bb0d

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

08/09/2024, 23:59

Subject

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

00:c1:69:5f:02:13:f0:63:57:11:03:6b:0a:b8:8e:70:d6:2e:cd:d4
Signer

Actual PE Digest

00:c1:69:5f:02:13:f0:63:57:11:03:6b:0a:b8:8e:70:d6:2e:cd:d4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

qt5network

?staticMetaObject@QBearerEngine@@2UQMetaObject@@B
?qt_metacall@QBearerEngine@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QBearerEngine@@UAEPAXPBD@Z
?staticMetaObject@QNetworkSessionPrivate@@2UQMetaObject@@B
?qt_metacall@QNetworkSessionPrivate@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QNetworkSessionPrivate@@UAEPAXPBD@Z
?staticMetaObject@QBearerEnginePlugin@@2UQMetaObject@@B
??1QBearerEnginePlugin@@UAE@XZ
??0QBearerEnginePlugin@@QAE@PAVQObject@@@Z
?qt_metacall@QBearerEnginePlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QBearerEnginePlugin@@UAEPAXPBD@Z
?usagePoliciesChanged@QNetworkSessionPrivate@@QAEXV?$QFlags@W4UsagePolicy@QNetworkSession@@@@@Z
?newConfigurationActivated@QNetworkSessionPrivate@@QAEXXZ
?closed@QNetworkSessionPrivate@@QAEXXZ
?stateChanged@QNetworkSessionPrivate@@QAEXW4State@QNetworkSession@@@Z
?error@QNetworkSessionPrivate@@QAEXW4SessionError@QNetworkSession@@@Z
?quitPendingWaitsForOpened@QNetworkSessionPrivate@@QAEXXZ
?qNetworkConfigurationManagerPrivate@@YAPAVQNetworkConfigurationManagerPrivate@@XZ
?engines@QNetworkConfigurationManagerPrivate@@QBE?AV?$QList@PAVQBearerEngine@@@@XZ
?interfaceFromName@QNetworkInterface@@SA?AV1@ABVQString@@@Z
??0QNetworkInterface@@QAE@XZ
?isValid@QNetworkConfiguration@@QBE_NXZ
?children@QNetworkConfiguration@@QBE?AV?$QList@VQNetworkConfiguration@@@@XZ
?identifier@QNetworkConfiguration@@QBE?AVQString@@XZ
?type@QNetworkConfiguration@@QBE?AW4Type@1@XZ
?state@QNetworkConfiguration@@QBE?AV?$QFlags@W4StateFlag@QNetworkConfiguration@@@@XZ
??8QNetworkConfiguration@@QBE_NABV0@@Z
??1QNetworkConfiguration@@QAE@XZ
??4QNetworkConfiguration@@QAEAAV0@ABV0@@Z
??0QNetworkConfiguration@@QAE@ABV0@@Z
??0QNetworkConfiguration@@QAE@XZ
?setALREnabled@QNetworkSessionPrivate@@UAEX_N@Z
?requiresPolling@QBearerEngine@@UBE_NXZ
??1QNetworkSessionPrivate@@UAE@XZ
??0QNetworkSessionPrivate@@QAE@XZ
?updateCompleted@QBearerEngine@@QAEXXZ
?configurationChanged@QBearerEngine@@QAEXV?$QExplicitlySharedDataPointer@VQNetworkConfigurationPrivate@@@@@Z
?configurationRemoved@QBearerEngine@@QAEXV?$QExplicitlySharedDataPointer@VQNetworkConfigurationPrivate@@@@@Z
?configurationAdded@QBearerEngine@@QAEXV?$QExplicitlySharedDataPointer@VQNetworkConfigurationPrivate@@@@@Z
??1QBearerEngine@@UAE@XZ
??0QBearerEngine@@QAE@PAVQObject@@@Z
?allInterfaces@QNetworkInterface@@SA?AV?$QList@VQNetworkInterface@@@@XZ
?interfaceFromIndex@QNetworkInterface@@SA?AV1@H@Z
?addressEntries@QNetworkInterface@@QBE?AV?$QList@VQNetworkAddressEntry@@@@XZ
?hardwareAddress@QNetworkInterface@@QBE?AVQString@@XZ
?flags@QNetworkInterface@@QBE?AV?$QFlags@W4InterfaceFlag@QNetworkInterface@@@@XZ
?humanReadableName@QNetworkInterface@@QBE?AVQString@@XZ
?name@QNetworkInterface@@QBE?AVQString@@XZ
?index@QNetworkInterface@@QBEHXZ
?isValid@QNetworkInterface@@QBE_NXZ
??1QNetworkInterface@@QAE@XZ
??0QNetworkInterface@@QAE@ABV0@@Z
??1QNetworkAddressEntry@@QAE@XZ

qt5core

?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
?staticMetaObject@QObject@@2UQMetaObject@@B
?currentDateTimeUtc@QDateTime@@SA?AV1@XZ
?toTime_t@QDateTime@@QBEIXZ
??1QDateTime@@QAE@XZ
?toInt@QVariant@@QBEHPA_N@Z
??0QVariant@@QAE@H@Z
??0QVariant@@QAE@XZ
?disconnect@QObject@@SA_NPBV1@PBD01@Z
??0QMutex@@QAE@W4RecursionMode@0@@Z
??1QMutex@@QAE@XZ
?lock@QMutex@@QAEXXZ
?unlock@QMutex@@QAEXXZ
?unlock@QMutexLocker@@QAEXXZ
?relock@QMutexLocker@@QAEXXZ
??0QChar@@QAE@UQLatin1Char@@@Z
?qHash@@YAIABVQString@@I@Z
?detach@QListData@@QAEPAUData@1@H@Z
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?realloc@QListData@@QAEXH@Z
?dispose@QListData@@SAXPAUData@1@@Z
?erase@QListData@@QAEPAPAXPAPAX@Z
?append@QListData@@QAEPAPAXXZ
??0QString@@QAE@XZ
??0QString@@QAE@VQLatin1String@@@Z
??0QString@@QAE@ABV0@@Z
??1QString@@QAE@XZ
??4QString@@QAEAAV0@ABV0@@Z
??4QString@@QAEAAV0@$$QAV0@@Z
?arg@QString@@QBE?AV1@ABV1@HVQChar@@@Z
?append@QString@@QAEAAV1@ABV1@@Z
?utf16@QString@@QBEPBGXZ
?fromLatin1@QString@@SA?AV1@PBDH@Z
?number@QString@@SA?AV1@HH@Z
?number@QString@@SA?AV1@IH@Z
??8@YA_NABVQString@@0@Z
??M@YA_NABVQString@@0@Z
?allocateNode@QHashData@@QAEPAXH@Z
?freeNode@QHashData@@QAEXPAX@Z
?detach_helper@QHashData@@QAEPAU1@P6AXPAUNode@1@PAX@ZP6AX0@ZHH@Z
?hasShrunk@QHashData@@QAEXXZ
?rehash@QHashData@@QAEXH@Z
?free_helper@QHashData@@QAEXP6AXPAUNode@1@@Z@Z
?nextNode@QHashData@@SAPAUNode@1@PAU21@@Z
??0QSharedData@@QAE@XZ
?freeNodeAndRebalance@QMapDataBase@@QAEXPAUQMapNodeBase@@@Z
?recalcMostLeftNode@QMapDataBase@@QAEXXZ
?createNode@QMapDataBase@@QAEPAUQMapNodeBase@@HHPAU2@_N@Z
?freeTree@QMapDataBase@@QAEXPAUQMapNodeBase@@H@Z
?createData@QMapDataBase@@SAPAU1@XZ
?freeData@QMapDataBase@@SAXPAU1@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?shared_null@QListData@@2UData@1@B
?shared_null@QMapDataBase@@2U1@B
??1QByteArray@@QAE@XZ
??8QString@@QBE_NVQLatin1String@@@Z
?cast@QMetaObject@@QBEPAVQObject@@PAV2@@Z
?tr@QMetaObject@@QBE?AVQString@@PBD0H@Z
?normalizedType@QMetaObject@@SA?AVQByteArray@@PBD@Z
?activate@QMetaObject@@SAXPAVQObject@@PBU1@HPAPAX@Z
??1Connection@QMetaObject@@QAE@XZ
?registerNormalizedType@QMetaType@@SAHABVQByteArray@@P6AXPAX@ZP6APAX1PBX@ZHV?$QFlags@W4TypeFlag@QMetaType@@@@PBUQMetaObject@@@Z
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?qt_metacast@QObject@@UAEPAXPBD@Z
?qt_metacall@QObject@@UAEHW4Call@QMetaObject@@HPAPAX@Z
??0QObject@@QAE@PAV0@@Z
??1QObject@@UAE@XZ
?connect@QObject@@SA?AVConnection@QMetaObject@@PBV1@PBD01W4ConnectionType@Qt@@@Z

msvcp120

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ

msvcr120

_initterm_e
_initterm
_except_handler4_common
free
_amsg_exit
__CppXcptFilter
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
memcpy
memmove
??3@YAXPAX@Z
??2@YAPAXI@Z
_purecall
?terminate@@YAXXZ
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__clean_type_info_names_internal
_malloc_crt

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
DeviceIoControl
CloseHandle
CreateFileW

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9043a0459baa7e86a8246f1ef2c4bb0d

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6fCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate

Extended Key Usages

Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

00:c1:69:5f:02:13:f0:63:57:11:03:6b:0a:b8:8e:70:d6:2e:cd:d4Signer

Headers

DLL Characteristics

File Characteristics

Imports

qt5network

qt5core

msvcp120

msvcr120

kernel32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 1KB

.qtmetad Size: 512B - Virtual size: 256B

.rsrc Size: 1024B - Virtual size: 848B

.reloc Size: 2KB - Virtual size: 1KB

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

00:c1:69:5f:02:13:f0:63:57:11:03:6b:0a:b8:8e:70:d6:2e:cd:d4
Signer

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 1KB

.qtmetad
Size: 512B - Virtual size: 256B

.rsrc
Size: 1024B - Virtual size: 848B

.reloc
Size: 2KB - Virtual size: 1KB