QuickHaas[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

QuickHaas.dll
Size

6.0MB
MD5

d49c66222acaa4851b79b0d123cda8b1
SHA1

e5dc4a1c2c2e4f98abc473d0409f2a9bb5efd8af
SHA256

ed08bbe4a42ae723d5a86539dfce0a19ff4b6974fba6922aae2178d8b22a7184
SHA512

014a772007f85d38705682d98ed927c0a71b54e2d0dee57056b55dc6270492b86c3d2c65feaca658344f12b4c8c2d748daf7d9b5f08516880367fcc20bc3883e
SSDEEP

49152:qF4khh8LkGU/x4dH9XVWEGP2NzL54/eHdWmkr0oqPjvj9QAHOZIAjSi3tTvKcu:qEL5UihmfujZbOZAwJKcu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
QuickHaas.dll

Files

QuickHaas.dll
.dll windows:6 windows x64 arch:x64

6fb17143fbb20e79a976fbfcb090bdc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetLogicalDriveStringsW
FormatMessageW
GetLastError
GetFileAttributesExW
OutputDebugStringW
TerminateThread
QueryPerformanceFrequency
DeleteFileW
LoadLibraryW
GetCurrentDirectoryW
GetOverlappedResult
ReplaceFileW
DeleteCriticalSection
ExitProcess
VerSetConditionMask
FreeLibrary
VerifyVersionInfoW
QueryPerformanceCounter
MoveFileW
GetDriveTypeW
IsDebuggerPresent
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetCommandLineW
GlobalSize
GlobalAlloc
GlobalLock
GetCurrentProcessId
GlobalUnlock
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
DisconnectNamedPipe
CreateFileW
FindFirstFileExA
GetProcessHeap
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetFileType
GetStdHandle
GetACP
GetModuleFileNameA
HeapFree
HeapReAlloc
HeapAlloc
FreeLibraryAndExitThread
ExitThread
CreateThread
GetTimeZoneInformation
GetModuleHandleExW
InterlockedFlushSList
LoadLibraryExW
RtlUnwindEx
RaiseException
RtlPcToFileHeader
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
GetModuleHandleW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
GetModuleHandleA
UnmapViewOfFile
GetSystemDirectoryW
ReleaseMutex
FindNextFileA
GetFileAttributesW
GetLocaleInfoW
FindClose
CreateMutexW
GetTempPathW
SetFilePointer
InitializeCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
SetPriorityClass
GetModuleFileNameW
RemoveDirectoryW
TerminateProcess
WriteFile
FindNextFileW
EnterCriticalSection
FindFirstFileW
CancelIo
GetVolumeInformationW
TryEnterCriticalSection
ReadFile
SetThreadAffinityMask
CreateDirectoryW
GetCurrentThreadId
GetProcAddress
GetPriorityClass
ResetEvent
CloseHandle
GetThreadPriority
LoadLibraryA
GetCurrentThread
SetEvent
Sleep
CreateEventW
WaitForSingleObject
SetThreadPriority
GetCurrentProcess

user32

GetDesktopWindow
UnregisterClassW
CreateWindowExW
CallNextHookEx
PostMessageA
SetWindowPos
GetWindowRect
AttachThreadInput
GetWindowThreadProcessId
GetWindowTextW
TranslateMessage
SetFocus
EnumWindows
PeekMessageW
DispatchMessageW
GetFocus
SendMessageTimeoutW
PostMessageW
GetMessageW
ReleaseDC
GetDC
SetWindowLongPtrW
BeginPaint
RegisterClassExW
SetCursorPos
InvalidateRect
DestroyWindow
ReleaseCapture
GetParent
SystemParametersInfoW
EnableMenuItem
ShowCaret
GetClientRect
SetWindowLongW
SetCursor
ToUnicode
SetClipboardData
SetCapture
DestroyCaret
LoadCursorW
FindWindowW
GetClipboardData
SetLayeredWindowAttributes
GetMessageTime
GetForegroundWindow
TrackMouseEvent
CreateCaret
IsChild
GetCursorPos
GetWindowLongPtrW
EmptyClipboard
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
GetWindowInfo
DestroyIcon
RedrawWindow
GetCapture
OpenClipboard
GetSystemMetrics
GetClassNameA
SetWindowsHookExA
UnhookWindowsHookEx
GetAncestor
SetForegroundWindow
DefWindowProcW
GetWindowPlacement
WindowFromPoint
MessageBeep
SetWindowTextW
SendMessageW
ScreenToClient
GetIconInfo
EnumDisplayMonitors
EnumChildWindows
MessageBoxW
IsWindowVisible
DestroyCursor
GetKeyboardState
SetCaretPos
GetActiveWindow
ShowWindow
GetAsyncKeyState
MapVirtualKeyW
GetMessagePos
GetUpdateRgn
GetMessageExtraInfo
GetSystemMenu
GetWindowLongW
MoveWindow
CallWindowProcW
EndPaint

gdi32

EnumFontFamiliesExW
GetDeviceCaps
GetTextMetricsW
DeleteDC
SetMapperFlags
GetGlyphIndicesW
GetGlyphOutlineW
DeleteObject
RemoveFontMemResourceEx
CreateCompatibleDC
CreateFontIndirectW
GetOutlineTextMetricsW
CreateRectRgnIndirect
StretchDIBits
CreateDIBSection
SaveDC
SwapBuffers
GetKerningPairsW
AddFontMemResourceEx
SelectObject
CombineRgn
CreateBitmap
RestoreDC
ExcludeClipRect
GetObjectW
GetRegionData
CreateRectRgn
SetMapMode
GetPixel

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHGetMalloc
ExtractAssociatedIconW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW

ole32

OleCreate
OleSetContainedObject
RevokeDragDrop
RegisterDragDrop
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
PropVariantClear
DoDragDrop

oleaut32

SafeArrayAccessData
SafeArrayCreateVector
SafeArrayUnaccessData
SysAllocString
SysFreeString
VariantInit
SafeArrayDestroy
VariantClear

wininet

InternetReadFile
InternetSetOptionW
InternetConnectW
InternetCloseHandle
InternetWriteFile
HttpEndRequestW
InternetCrackUrlW
InternetSetFilePointer
HttpQueryInfoW
InternetOpenW
InternetQueryOptionW
HttpOpenRequestW
HttpSendRequestExW
FtpOpenFileW

ws2_32

send
inet_ntoa
recv
getsockopt
setsockopt
WSAStartup
select
accept
__WSAFDIsSet
closesocket

shlwapi

PathStripToRootW

winmm

midiOutUnprepareHeader
midiOutPrepareHeader
midiInUnprepareHeader
midiInClose
midiOutShortMsg
midiOutClose
midiInStop
midiOutLongMsg
timeKillEvent
timeGetTime
timeBeginPeriod
midiInReset

imm32

ImmNotifyIME
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow

opengl32

wglGetProcAddress
glTexParameteri
glDeleteTextures
glClearColor
glGetBooleanv
glDrawArrays
wglDeleteContext
glTexImage2D
glViewport
glDisable
wglMakeCurrent
glPixelStorei
glTexSubImage2D
glGetString
glGetError
glGetIntegerv
glReadPixels
glClear
wglGetCurrentContext
glBindTexture
glGenTextures
glEnable
glScissor
glBlendFunc
glDrawElements

Exports

Exports

VSTPluginMain

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fb17143fbb20e79a976fbfcb090bdc7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

wininet

ws2_32

shlwapi

winmm

imm32

opengl32

Exports

Exports

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.data Size: 76KB - Virtual size: 83KB

.pdata Size: 129KB - Virtual size: 129KB

.gfids Size: 1024B - Virtual size: 516B

.tls Size: 512B - Virtual size: 33B

_RDATA Size: 10KB - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 35KB - Virtual size: 35KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: 76KB - Virtual size: 83KB

.pdata
Size: 129KB - Virtual size: 129KB

.gfids
Size: 1024B - Virtual size: 516B

.tls
Size: 512B - Virtual size: 33B

_RDATA
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 35KB - Virtual size: 35KB