41817c40be4859507df4a2af5902fd6ed6a68c0469527fc48bd54990f0b7fb98

Sharing

Copy URL Twitter E-mail

General

Target

41817c40be4859507df4a2af5902fd6ed6a68c0469527fc48bd54990f0b7fb98
Size

510KB
MD5

c0e6704ed0221b1223139fdc34297dc5
SHA1

8e61da201635fd990602915858b830757d2b2db1
SHA256

41817c40be4859507df4a2af5902fd6ed6a68c0469527fc48bd54990f0b7fb98
SHA512

78b329b4d1e6997feebe30478eaeacb1ecdc1cfb0f32a379bb4f068f52824915fac91ca3a4e8d22d30847f36762f24420d434e01110889579d461e75d2c66873
SSDEEP

12288:/SMSvzvX7HK0c9DhKIfFvZCkq0VUL+SWra524ld:/nSTX7HK0c9DhKOrVUL+SIa524l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41817c40be4859507df4a2af5902fd6ed6a68c0469527fc48bd54990f0b7fb98

Files

41817c40be4859507df4a2af5902fd6ed6a68c0469527fc48bd54990f0b7fb98
.exe windows:4 windows x86 arch:x86

4761852f44598a95a5ab987451dedad0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

qt5core

_Z8qWinMainP11HINSTANCE__S0_PciRiR7QVectorIS1_E
_ZN10QArrayData10deallocateEPS_jj
_ZN10QArrayData11shared_nullE
_ZN10QArrayData8allocateEjjj6QFlagsINS_16AllocationOptionEE
_ZN10QByteArray11reallocDataEj6QFlagsIN10QArrayData16AllocationOptionEE
_ZN11QMetaObject10ConnectionD1Ev
_ZN11QMetaObject18connectSlotsByNameEP7QObject
_ZN11QMetaObject8activateEP7QObjectPKS_iPPv
_ZN16QCoreApplication9translateEPKcS1_S1_i
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QObject11qt_metacastEPKc
_ZN7QObject13connectNotifyERK11QMetaMethod
_ZN7QObject13setObjectNameERK7QString
_ZN7QObject16disconnectNotifyERK11QMetaMethod
_ZN7QObject16staticMetaObjectE
_ZN7QObject5eventEP6QEvent
_ZN7QObject7connectEPKS_PKcS1_S3_N2Qt14ConnectionTypeE
_ZN7QObjectC2EPS_
_ZN7QObjectD2Ev
_ZN7QString15fromUtf8_helperEPKci
_ZN7QString9fromUtf16EPKti
_ZNK11QObjectData17dynamicMetaObjectEv
_ZNK7QObject10objectNameEv
_ZNK7QString11toLocal8BitEv

qt5widgets

_ZN11QGridLayout10setSpacingEi
_ZN11QGridLayout9addWidgetEP7QWidgetiiii6QFlagsIN2Qt13AlignmentFlagEE
_ZN11QGridLayoutC1EP7QWidget
_ZN11QPushButtonC1EP7QWidget
_ZN12QApplication4execEv
_ZN12QApplicationC1ERiPPci
_ZN12QApplicationD1Ev
_ZN15QAbstractButton7setTextERK7QString
_ZN7QDialog10closeEventEP11QCloseEvent
_ZN7QDialog10setVisibleEb
_ZN7QDialog11eventFilterEP7QObjectP6QEvent
_ZN7QDialog11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QDialog11qt_metacastEPKc
_ZN7QDialog11resizeEventEP12QResizeEvent
_ZN7QDialog13keyPressEventEP9QKeyEvent
_ZN7QDialog16contextMenuEventEP17QContextMenuEvent
_ZN7QDialog16staticMetaObjectE
_ZN7QDialog4doneEi
_ZN7QDialog4execEv
_ZN7QDialog4openEv
_ZN7QDialog6acceptEv
_ZN7QDialog6rejectEv
_ZN7QDialog9showEventEP10QShowEvent
_ZN7QDialogC2EP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN7QDialogD2Ev
_ZN7QLayout18setContentsMarginsEiiii
_ZN7QWidget10enterEventEP6QEvent
_ZN7QWidget10leaveEventEP6QEvent
_ZN7QWidget10paintEventEP11QPaintEvent
_ZN7QWidget10wheelEventEP11QWheelEvent
_ZN7QWidget11actionEventEP12QActionEvent
_ZN7QWidget11changeEventEP6QEvent
_ZN7QWidget11nativeEventERK10QByteArrayPvPl
_ZN7QWidget11tabletEventEP12QTabletEvent
_ZN7QWidget12focusInEventEP11QFocusEvent
_ZN7QWidget13dragMoveEventEP14QDragMoveEvent
_ZN7QWidget13focusOutEventEP11QFocusEvent
_ZN7QWidget14dragEnterEventEP15QDragEnterEvent
_ZN7QWidget14dragLeaveEventEP15QDragLeaveEvent
_ZN7QWidget14mouseMoveEventEP11QMouseEvent
_ZN7QWidget14setWindowTitleERK7QString
_ZN7QWidget15keyReleaseEventEP9QKeyEvent
_ZN7QWidget15mousePressEventEP11QMouseEvent
_ZN7QWidget16inputMethodEventEP17QInputMethodEvent
_ZN7QWidget17mouseReleaseEventEP11QMouseEvent
_ZN7QWidget18focusNextPrevChildEb
_ZN7QWidget21mouseDoubleClickEventEP11QMouseEvent
_ZN7QWidget4showEv
_ZN7QWidget5eventEP6QEvent
_ZN7QWidget6resizeERK5QSize
_ZN7QWidget9dropEventEP10QDropEvent
_ZN7QWidget9hideEventEP10QHideEvent
_ZN7QWidget9moveEventEP10QMoveEvent
_ZNK7QDialog15minimumSizeHintEv
_ZNK7QDialog8sizeHintEv
_ZNK7QWidget10redirectedEP6QPoint
_ZNK7QWidget11initPainterEP8QPainter
_ZNK7QWidget11paintEngineEv
_ZNK7QWidget13sharedPainterEv
_ZNK7QWidget14heightForWidthEi
_ZNK7QWidget16inputMethodQueryEN2Qt16InputMethodQueryE
_ZNK7QWidget17hasHeightForWidthEv
_ZNK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZNK7QWidget7devTypeEv
_ZThn8_NK7QWidget10redirectedEP6QPoint
_ZThn8_NK7QWidget11initPainterEP8QPainter
_ZThn8_NK7QWidget11paintEngineEv
_ZThn8_NK7QWidget13sharedPainterEv
_ZThn8_NK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZThn8_NK7QWidget7devTypeEv

d3d9

Direct3DCreate9

libgcc_s_dw2-1

_Unwind_Resume
__deregister_frame_info
__divdi3
__register_frame_info
__udivdi3
__umoddi3

kernel32

CloseHandle
CreateEventA
CreateThread
DeleteCriticalSection
EnterCriticalSection
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
SetEvent
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_exit
_fmode
_initterm
_iob
_localtime64
_lock
_onexit
_snwprintf
_unlock
_vsnprintf
abort
atoi
calloc
exit
fclose
fflush
fopen
fputc
fputs
free
fseek
fwprintf
fwrite
getenv
localeconv
log10
malloc
memcmp
memcpy
memmove
memset
raise
realloc
setlocale
signal
strchr
strcmp
strerror
strftime
strlen
strncmp
strncpy
wcscpy
wcslen

ole32

CoInitialize
CoUninitialize

user32

GetDesktopWindow
GetSystemMetrics
MessageBoxW

libstdc++-6

InterlockedCompareExchange@12
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZdlPv
_Znwj
__cxa_pure_virtual
__gxx_personality_v0

Sections

.text
Size: 425KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4761852f44598a95a5ab987451dedad0

Headers

File Characteristics

Imports

qt5core

qt5widgets

d3d9

libgcc_s_dw2-1

kernel32

msvcrt

ole32

user32

libstdc++-6

Sections

.text Size: 425KB - Virtual size: 424KB

.rodata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 248B

.rdata Size: 30KB - Virtual size: 29KB

.eh_fram Size: 42KB - Virtual size: 41KB

.bss Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

.text
Size: 425KB - Virtual size: 424KB

.rodata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 248B

.rdata
Size: 30KB - Virtual size: 29KB

.eh_fram
Size: 42KB - Virtual size: 41KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B