cf28bf94a1a94ef073e27f2d3e06b460_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

cf28bf94a1a94ef073e27f2d3e06b460_NeikiAnalytics
Size

947KB
MD5

cf28bf94a1a94ef073e27f2d3e06b460
SHA1

ff6a9dc55b1eb3df98cd782cdbe5edd7b45c84ad
SHA256

bb3e195f1c30c0147d4dde8e166549cd0d4388120b408be7b762670f2662e60a
SHA512

1569cabbad0b8c0cc012b29c45a8628bda5eace4074c5e84cedb89063f99baa871d1700065438f8a9cc6e5a1f2a23b8ae7f5ad05c8e6aa3827b44cb578438c46
SSDEEP

12288:CB3g4qhor79I/D0/PwD1ayjmCrtc06EsXA+QZ9ZmcBa4bf2NUQL5abd:CB3pqyr76/gHgjmCrtcg7f9bd

Score

1^/10

Malware Config

Signatures

Files

cf28bf94a1a94ef073e27f2d3e06b460_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

4d9883b786c744b3aafd9dbdc4d9a886

Code Sign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

13/04/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:a1:d7:a0:0c:44:17:eb:b3:63:26:d5:94:d2:06:b9:f5
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

11/09/2013, 15:27

Not After

11/09/2016, 15:27

Subject

CN=Synology Inc.,O=Synology Inc.,C=TW,1.2.840.113549.1.9.1=#0c13646f6d61696e4073796e6f6c6f67792e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c7:26:d4:75:0d:0d:7a:e3:42:a7:fb:27:78:a5:ae:79:ca:c5:37:9b
Signer

Actual PE Digest

c7:26:d4:75:0d:0d:7a:e3:42:a7:fb:27:78:a5:ae:79:ca:c5:37:9b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

qt5core

_Z13qErrnoWarningPKcz
_Z21qRegisterResourceDataiPKhS0_S0_
_Z23qUnregisterResourceDataiPKhS0_S0_
_Z7qstrcmpRK10QByteArrayPKc
_Z8qWinMainP11HINSTANCE__S0_PciRiR7QVectorIS1_E
_Z8qstricmpPKcS0_
_Z9qBadAllocv
_Z9qChecksumPKcj
_ZN10QArrayData10deallocateEPS_jj
_ZN10QArrayData11shared_nullE
_ZN10QArrayData8allocateEjjj6QFlagsINS_16AllocationOptionEE
_ZN10QByteArray11reallocDataEj6QFlagsIN10QArrayData16AllocationOptionEE
_ZN10QByteArray6appendEPKc
_ZN10QByteArray6appendERKS_
_ZN10QByteArray6appendEc
_ZN10QByteArray6numberExi
_ZN10QByteArray6resizeEi
_ZN10QByteArrayC1EPKci
_ZN10QJsonArrayC1ERKS_
_ZN10QJsonArrayD1Ev
_ZN10QJsonValueD1Ev
_ZN11QDataStream10writeBytesEPKcj
_ZN11QDataStream11readRawDataEPci
_ZN11QDataStreamC1EP9QIODevice
_ZN11QDataStreamD1Ev
_ZN11QDataStreamrsERi
_ZN11QFileDevice12readLineDataEPcx
_ZN11QFileDevice4seekEx
_ZN11QFileDevice5closeEv
_ZN11QFileDevice5flushEv
_ZN11QFileDevice8readDataEPcx
_ZN11QFileDevice9writeDataEPKcx
_ZN11QJsonObjectC1ERKS_
_ZN11QJsonObjectC1Ev
_ZN11QJsonObjectD1Ev
_ZN11QJsonObjectaSERKS_
_ZN11QJsonObjectixERK7QString
_ZN11QMetaObject10ConnectionD1Ev
_ZN11QMetaObject8activateEP7QObjectPKS_iPPv
_ZN11QTranslator4loadERK7QStringS2_S2_S2_
_ZN11QTranslatorC1EP7QObject
_ZN12QMapDataBase10createDataEv
_ZN12QMapDataBase10createNodeEiiP12QMapNodeBaseb
_ZN12QMapDataBase11shared_nullE
_ZN12QMapDataBase18recalcMostLeftNodeEv
_ZN12QMapDataBase8freeDataEPS_
_ZN12QMapDataBase8freeTreeEP12QMapNodeBasei
_ZN13QJsonDocument8fromJsonERK10QByteArrayP15QJsonParseError
_ZN13QJsonDocumentD1Ev
_ZN16QCoreApplication12setAttributeEN2Qt20ApplicationAttributeEb
_ZN16QCoreApplication17installTranslatorEP11QTranslator
_ZN16QCoreApplication18applicationDirPathEv
_ZN16QCoreApplication19applicationFilePathEv
_ZN16QCoreApplication4exitEi
_ZN16QCoreApplication9translateEPKcS1_S1_i
_ZN18QCommandLineOptionC1ERK7QStringS2_S2_S2_
_ZN18QCommandLineOptionD1Ev
_ZN18QCommandLineParser13addHelpOptionEv
_ZN18QCommandLineParser7processERK11QStringList
_ZN18QCommandLineParser9addOptionERK18QCommandLineOption
_ZN18QCommandLineParserC1Ev
_ZN18QCommandLineParserD1Ev
_ZN18QCryptographicHash4hashERK10QByteArrayNS_9AlgorithmE
_ZN4QDir8tempPathEv
_ZN4QDir9cleanPathERK7QString
_ZN4QDir9separatorEv
_ZN4QDirC1ERK7QString
_ZN4QDirD1Ev
_ZN4QUrl8setQueryERK9QUrlQuery
_ZN4QUrlC1ERK7QStringNS_11ParsingModeE
_ZN4QUrlD1Ev
_ZN5QFile11qt_metacallEN11QMetaObject4CallEiPPv
_ZN5QFile11qt_metacastEPKc
_ZN5QFile11setFileNameERK7QString
_ZN5QFile14setPermissionsE6QFlagsIN11QFileDevice10PermissionEE
_ZN5QFile4openE6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN5QFile6existsERK7QString
_ZN5QFile6removeERK7QString
_ZN5QFile6removeEv
_ZN5QFile6renameERK7QString
_ZN5QFile6resizeEx
_ZN5QFileC1EP7QObject
_ZN5QFileC1ERK7QString
_ZN5QFileC2ERK7QString
_ZN5QFileC2Ev
_ZN5QFileD1Ev
_ZN5QFileD2Ev
_ZN6QTimer4stopEv
_ZN6QTimer5startEi
_ZN6QTimerC1EP7QObject
_ZN7QLocale6systemEv
_ZN7QLocaleD1Ev
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10disconnectEPKS_PKcS1_S3_
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11deleteLaterEv
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QObject11qt_metacastEPKc
_ZN7QObject13connectNotifyERK11QMetaMethod
_ZN7QObject16disconnectNotifyERK11QMetaMethod
_ZN7QObject16staticMetaObjectE
_ZN7QObject5eventEP6QEvent
_ZN7QObject7connectEPKS_PKcS1_S3_N2Qt14ConnectionTypeE
_ZN7QObjectC2EPS_
_ZN7QObjectD2Ev
_ZN7QRegExpC1ERK7QStringN2Qt15CaseSensitivityENS_13PatternSyntaxE
_ZN7QRegExpD1Ev
_ZN7QString11reallocDataEjb
_ZN7QString14compare_helperEPK5QChariPKciN2Qt15CaseSensitivityE
_ZN7QString15fromUtf8_helperEPKci
_ZN7QString16fromAscii_helperEPKci
_ZN7QString17fromLatin1_helperEPKci
_ZN7QString6appendERKS_
_ZN7QString6numberEii
_ZN7QString6numberEji
_ZN7QString6numberEmi
_ZN7QString7replaceERK7QRegExpRKS_
_ZN7QString7replaceERKS_S1_N2Qt15CaseSensitivityE
_ZN7QString8truncateEi
_ZN7QString9fromUtf16EPKti
_ZN7QStringC1E5QChar
_ZN7QStringaSERKS_
_ZN8QLibrary7resolveEPKc
_ZN8QLibraryC1ERK7QStringP7QObject
_ZN8QLibraryD1Ev
_ZN8QVariantD1Ev
_ZN9QFileInfoC1ERK5QFile
_ZN9QFileInfoD1Ev
_ZN9QIODevice16waitForReadyReadEi
_ZN9QIODevice19waitForBytesWrittenEi
_ZN9QIODevice4readEx
_ZN9QIODevice5resetEv
_ZN9QIODevice5writeEPKcx
_ZN9QIODevice7readAllEv
_ZN9QListData11detach_growEPii
_ZN9QListData11shared_nullE
_ZN9QListData6appendEv
_ZN9QListData6detachEi
_ZN9QListData7disposeEPNS_4DataE
_ZN9QMetaType22registerNormalizedTypeERK10QByteArrayPFvPvEPFS3_PKvES5_PFS3_S3_S7_Ei6QFlagsINS_8TypeFlagEEPK11QMetaObject
_ZN9QSettingsC1ENS_6FormatENS_5ScopeERK7QStringS4_P7QObject
_ZN9QSettingsC1ERK7QStringNS_6FormatEP7QObject
_ZN9QSettingsD1Ev
_ZN9QUrlQuery12addQueryItemERK7QStringS2_
_ZN9QUrlQueryC1Ev
_ZN9QUrlQueryD1Ev
_ZN9QtPrivate16QStringList_joinEPK11QStringListPK5QChari
_ZNK10QByteArray5toHexEv
_ZNK10QJsonArray2atEi
_ZNK10QJsonArray4sizeEv
_ZNK10QJsonValue6toBoolEb
_ZNK10QJsonValue8toStringERK7QString
_ZNK11QFileDevice12isSequentialEv
_ZNK11QFileDevice3posEv
_ZNK11QFileDevice5atEndEv
_ZNK11QJsonObject7isEmptyEv
_ZNK11QJsonObject8containsERK7QString
_ZNK11QMetaObject9classNameEv
_ZNK11QObjectData17dynamicMetaObjectEv
_ZNK13QJsonDocument6objectEv
_ZNK13QJsonDocument8isObjectEv
_ZNK13QJsonValueRef7toArrayEv
_ZNK13QJsonValueRef7toValueEv
_ZNK13QJsonValueRef8toObjectEv
_ZNK14QMessageLogger5debugEPKcz
_ZNK14QMessageLogger7warningEPKcz
_ZNK18QCommandLineParser5isSetERK18QCommandLineOption
_ZNK18QCommandLineParser5valueERK18QCommandLineOption
_ZNK18QCommandLineParser6valuesERK18QCommandLineOption
_ZNK4QDir12absolutePathEv
_ZNK4QUrl3urlE12QUrlTwoFlagsINS_19UrlFormattingOptionENS_25ComponentFormattingOptionEE
_ZNK4QUrl4hostE6QFlagsINS_25ComponentFormattingOptionEE
_ZNK4QUrl5queryE6QFlagsINS_25ComponentFormattingOptionEE
_ZNK4QUrl7isEmptyEv
_ZNK4QUrl8hasQueryEv
_ZNK4QUrl8resolvedERKS_
_ZNK4QUrl8toStringE12QUrlTwoFlagsINS_19UrlFormattingOptionENS_25ComponentFormattingOptionEE
_ZNK4QUrlneERKS_
_ZNK5QFile10metaObjectEv
_ZNK5QFile11permissionsEv
_ZNK5QFile4sizeEv
_ZNK5QFile6existsEv
_ZNK5QFile8fileNameEv
_ZNK7QLocale4nameEv
_ZNK7QString11toLocal8BitEv
_ZNK7QString5toIntEPbi
_ZNK7QString5utf16Ev
_ZNK7QString6toUtf8Ev
_ZNK7QString7compareERKS_N2Qt15CaseSensitivityE
_ZNK7QString7indexOfE5QChariN2Qt15CaseSensitivityE
_ZNK7QString7sectionERKS_ii6QFlagsINS_11SectionFlagEE
_ZNK7QString7toLowerEv
_ZNK7QString8toLatin1Ev
_ZNK8QVariant5toIntEPb
_ZNK8QVariant5toUrlEv
_ZNK8QVariant8toStringEv
_ZNK9QFileInfo16absoluteFilePathEv
_ZNK9QIODevice11canReadLineEv
_ZNK9QIODevice11errorStringEv
_ZNK9QIODevice12bytesToWriteEv
_ZNK9QIODevice14bytesAvailableEv
_ZNK9QIODevice6isOpenEv
_ZNK9QSettings5valueERK7QStringRK8QVariant
_ZeqRK7QStringS1_
_ZltRK7QStringS1_

qt5gui

_ZN15QGuiApplication25setQuitOnLastWindowClosedEb
_ZN5QIconC1ERK7QString
_ZN5QIconD1Ev

qt5network

_ZN12QLocalServer6listenERK7QString
_ZN12QLocalServerC1EP7QObject
_ZN12QLocalSocket15connectToServerERK7QString6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN12QLocalSocket16waitForConnectedEi
_ZN12QLocalSocket16waitForReadyReadEi
_ZN12QLocalSocket19waitForBytesWrittenEi
_ZN12QLocalSocket19waitForDisconnectedEi
_ZN12QLocalSocketC1EP7QObject
_ZN12QLocalSocketD1Ev
_ZN13QNetworkProxy11setHostNameERK7QString
_ZN13QNetworkProxy11setPasswordERK7QString
_ZN13QNetworkProxy7setPortEt
_ZN13QNetworkProxy7setTypeENS_9ProxyTypeE
_ZN13QNetworkProxy7setUserERK7QString
_ZN13QNetworkProxyC1ENS_9ProxyTypeERK7QStringtS3_S3_
_ZN13QNetworkProxyC1Ev
_ZN13QNetworkProxyD1Ev
_ZN13QNetworkReply16staticMetaObjectE
_ZN15QNetworkRequest12setRawHeaderERK10QByteArrayS2_
_ZN15QNetworkRequestC1ERK4QUrl
_ZN15QNetworkRequestD1Ev
_ZN21QNetworkAccessManager3getERK15QNetworkRequest
_ZN21QNetworkAccessManager8setProxyERK13QNetworkProxy
_ZN21QNetworkAccessManagerC1EP7QObject
_ZNK12QLocalServer11errorStringEv
_ZNK13QNetworkProxy4typeEv
_ZNK13QNetworkReply3urlEv
_ZNK13QNetworkReply5errorEv
_ZNK13QNetworkReply9attributeEN15QNetworkRequest9AttributeE
_ZNK21QNetworkAccessManager5proxyEv

qt5widgets

_ZN12QApplication11qt_metacallEN11QMetaObject4CallEiPPv
_ZN12QApplication11qt_metacastEPKc
_ZN12QApplication13compressEventEP6QEventP7QObjectP14QPostEventList
_ZN12QApplication16staticMetaObjectE
_ZN12QApplication4execEv
_ZN12QApplication5eventEP6QEvent
_ZN12QApplication6notifyEP7QObjectP6QEvent
_ZN12QApplicationC2ERiPPci
_ZN12QApplicationD2Ev
_ZN15QSystemTrayIcon10setToolTipERK7QString
_ZN15QSystemTrayIcon10setVisibleEb
_ZN15QSystemTrayIcon11showMessageERK7QStringS2_NS_11MessageIconEi
_ZN15QSystemTrayIcon14setContextMenuEP5QMenu
_ZN15QSystemTrayIcon21isSystemTrayAvailableEv
_ZN15QSystemTrayIcon7setIconERK5QIcon
_ZN15QSystemTrayIconC1EP7QObject
_ZN7QWidget14activateWindowEv
_ZN7QWidget14setWindowStateE6QFlagsIN2Qt11WindowStateEE
_ZN7QWidget5raiseEv
_ZNK15QSystemTrayIcon11contextMenuEv
_ZNK7QWidget11windowStateEv

libsqlite3-0

sqlite3_busy_timeout
sqlite3_close
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_text
sqlite3_errmsg
sqlite3_exec
sqlite3_finalize
sqlite3_free
sqlite3_last_insert_rowid
sqlite3_mprintf
sqlite3_open
sqlite3_prepare_v2
sqlite3_snprintf
sqlite3_step

libgcc_s_dw2-1

_Unwind_Resume
__deregister_frame_info
__register_frame_info
__udivdi3
__umoddi3

kernel32

CloseHandle
CreateDirectoryW
CreateFileW
CreateMutexW
DeleteCriticalSection
DeleteFileW
EnterCriticalSection
FindClose
FindFirstFileW
FindNextFileW
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeW
GetFileInformationByHandle
GetLastError
GetLongPathNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetShortPathNameW
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
GetVolumeInformationW
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MoveFileExW
MultiByteToWideChar
OpenMutexW
QueryPerformanceCounter
ReadFile
ReleaseMutex
RemoveDirectoryW
SetFileTime
SetHandleInformation
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_fileno
_fmode
_get_osfhandle
_initterm
_iob
_lock
_onexit
_snwprintf
_unlock
_wcsdup
_wcserror
_wcsicmp
_wfopen
_wremove
_wrename
abort
atoi
calloc
exit
fclose
fflush
fgets
fprintf
fputc
free
fwprintf
fwrite
getenv
iswalpha
localtime
localeconv
malloc
memcpy
memset
rand
realloc
setlocale
signal
srand
strchr
strcmp
strerror
strlen
strncmp
time
vfprintf
vfwprintf
wcscmp
wcsftime
wcslen

netapi32

NetApiBufferFree
NetWkstaGetInfo

libwinpthread-1

pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_init
pthread_mutexattr_setpshared

shell32

CommandLineToArgvW
SHFileOperationW
ShellExecuteW

libstdc++-6

_ZNKSs5rfindEPKcjj
_ZNKSs7compareEPKc
_ZNKSt15basic_stringbufIcSt11char_traitsIcESaIcEE3strEv
_ZNKSt5ctypeIcE13_M_widen_initEv
_ZNSbIwSt11char_traitsIwESaIwEE12_M_leak_hardEv
_ZNSbIwSt11char_traitsIwESaIwEE12_S_constructEjwRKS1_
_ZNSbIwSt11char_traitsIwESaIwEE4_Rep10_M_destroyERKS1_
_ZNSbIwSt11char_traitsIwESaIwEE4_Rep10_M_disposeERKS1_
_ZNSbIwSt11char_traitsIwESaIwEE6resizeEjw
_ZNSdD2Ev
_ZNSirsERi
_ZNSo3putEc
_ZNSo5flushEv
_ZNSo9_M_insertIbEERSoT_
_ZNSo9_M_insertIyEERSoT_
_ZNSolsEi
_ZNSs12_S_constructEjcRKSaIcE
_ZNSs4_Rep10_M_destroyERKSaIcE
_ZNSs4_Rep10_M_disposeERKSaIcE
_ZNSs6assignEPKc
_ZNSs6assignEPKcj
_ZNSs6assignERKSs
_ZNSs7reserveEj
_ZNSs9_M_mutateEjjj
_ZNSsC1EPKcRKSaIcE
_ZNSsC1EPKcjRKSaIcE
_ZNSsC1ERKSs
_ZNSsC1ERKSsjj
_ZNSt12out_of_rangeC1ERKSs
_ZNSt12out_of_rangeD1Ev
_ZNSt18basic_stringstreamIcSt11char_traitsIcESaIcEEC1ESt13_Ios_Openmode
_ZNSt18basic_stringstreamIcSt11char_traitsIcESaIcEED1Ev
_ZNSt6localeC1Ev
_ZNSt6localeD1Ev
_ZNSt8__detail15_List_node_base4swapERS0_S1_
_ZNSt8__detail15_List_node_base7_M_hookEPS0_
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZNSt8ios_baseC2Ev
_ZNSt8ios_baseD2Ev
_ZNSt9bad_allocD1Ev
_ZNSt9basic_iosIcSt11char_traitsIcEE4initEPSt15basic_streambufIcS1_E
_ZNSt9basic_iosIcSt11char_traitsIcEE5clearESt12_Ios_Iostate
_ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_i
_ZSt16__throw_bad_castv
_ZSt18_Rb_tree_decrementPSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPKSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPSt18_Rb_tree_node_base
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt29_Rb_tree_insert_and_rebalancebPSt18_Rb_tree_node_baseS0_RS_
_ZSt4cerr
_ZSt9terminatev
_ZStrsIcSt11char_traitsIcESaIcEERSt13basic_istreamIT_T0_ES7_RSbIS4_S5_T1_E
_ZTTSt18basic_stringstreamIcSt11char_traitsIcESaIcEE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVSt15basic_streambufIcSt11char_traitsIcEE
_ZTVSt15basic_stringbufIcSt11char_traitsIcESaIcEE
_ZTVSt18basic_stringstreamIcSt11char_traitsIcESaIcEE
_ZTVSt9bad_alloc
_ZTVSt9basic_iosIcSt11char_traitsIcEE
_ZdaPv
_ZdlPv
_Znaj
_Znwj
__cxa_allocate_exception
__cxa_begin_catch
__cxa_end_catch
__cxa_free_exception
__cxa_guard_abort
__cxa_guard_acquire
__cxa_guard_release
__cxa_rethrow
__cxa_throw
__gxx_personality_v0

icuuc53

u_strFromUTF8_53
u_strToUTF8_53
unorm2_getInstance_53
unorm2_normalize_53

Sections

.text
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 623KB - Virtual size: 623KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4d9883b786c744b3aafd9dbdc4d9a886

Code Sign

04:00:00:00:00:01:2f:4e:e1:35:5cCertificate

Extended Key Usages

Key Usages

11:21:a1:d7:a0:0c:44:17:eb:b3:63:26:d5:94:d2:06:b9:f5Certificate

Extended Key Usages

Key Usages

c7:26:d4:75:0d:0d:7a:e3:42:a7:fb:27:78:a5:ae:79:ca:c5:37:9bSigner

Headers

File Characteristics

Imports

qt5core

qt5gui

qt5network

qt5widgets

libsqlite3-0

libgcc_s_dw2-1

kernel32

msvcrt

netapi32

libwinpthread-1

shell32

libstdc++-6

icuuc53

Sections

.text Size: 266KB - Virtual size: 265KB

.data Size: 512B - Virtual size: 252B

.rdata Size: 623KB - Virtual size: 623KB

/4 Size: 31KB - Virtual size: 31KB

.bss Size: - Virtual size: 8KB

.idata Size: 20KB - Virtual size: 20KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 1024B - Virtual size: 852B

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

11:21:a1:d7:a0:0c:44:17:eb:b3:63:26:d5:94:d2:06:b9:f5
Certificate

c7:26:d4:75:0d:0d:7a:e3:42:a7:fb:27:78:a5:ae:79:ca:c5:37:9b
Signer

.text
Size: 266KB - Virtual size: 265KB

.data
Size: 512B - Virtual size: 252B

.rdata
Size: 623KB - Virtual size: 623KB

/4
Size: 31KB - Virtual size: 31KB

.bss
Size: - Virtual size: 8KB

.idata
Size: 20KB - Virtual size: 20KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1024B - Virtual size: 852B