c862e928030f104258df99afb47b451308d16ac7c4b6072d85d98cfaebf185d0

Sharing

Copy URL Twitter E-mail

General

Target

c862e928030f104258df99afb47b451308d16ac7c4b6072d85d98cfaebf185d0
Size

550KB
MD5

5661d487751b429c48656367b3f8b4d0
SHA1

c9b62b1452c3925f38ffb4a7aa01f834632f775c
SHA256

c862e928030f104258df99afb47b451308d16ac7c4b6072d85d98cfaebf185d0
SHA512

82c57fe2c8dae439729bf11fd19b5dd76122d01f9c76c0298aaf7c0d37ce62b8844abbd8d7ecf60bc4e6e63c901cac048635a75b233d1bbe8d4ac7a9c3c2d8f7
SSDEEP

6144:NuG4cE9hYUgwEmj+u+4+ATQ+NOhDhVh6crcd9v8ZEcLcO28sIJ0HiEPWFXEx/v78:JE9G9nkrFMl07gpr4m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c862e928030f104258df99afb47b451308d16ac7c4b6072d85d98cfaebf185d0

Files

c862e928030f104258df99afb47b451308d16ac7c4b6072d85d98cfaebf185d0
.exe windows:4 windows x86 arch:x86

f2a6d99f971979af4ce735928ce83dd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateSemaphoreA
ExitProcess
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject

mingwm10

__mingwthr_key_dtor

msvcrt

_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
fputc
fputs
free
fwrite
malloc
memcpy
realloc
signal
sprintf
strcmp
strcpy

libgcc_s_dw2-1

_Unwind_DeleteException
_Unwind_GetDataRelBase
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__deregister_frame_info
__emutls_get_address
__register_frame_info

qtcored4

_Z23qt_qFindChildren_helperPK7QObjectRK7QStringPK7QRegExpRK11QMetaObjectP5QListIPvE
_Z5qFreePv
_Z7qMemSetPvij
_Z8qWinMainP11HINSTANCE__S0_PciRiR7QVectorIS1_E
_Z9qBadAllocv
_Z9qt_assertPKcS0_i
_ZN10QByteArray7reallocEi
_ZN11QMetaObject18connectSlotsByNameEP7QObject
_ZN11QVectorData10reallocateEPS_iii
_ZN11QVectorData4freeEPS_i
_ZN11QVectorData8allocateEii
_ZN16QCoreApplication9translateEPKcS1_S1_NS_8EncodingE
_ZN7QObject13setObjectNameERK7QString
_ZN7QString11shared_nullE
_ZN7QString14fromWCharArrayEPKwi
_ZN7QString4freeEPNS_4DataE
_ZN7QString8fromUtf8EPKci
_ZN9QListData11shared_nullE
_ZN9QListData6detachEi
_ZNK7QObject10objectNameEv
_ZNK7QString11toLocal8BitEv

qtguid4

_ZN11QGridLayout9addWidgetEP7QWidgetiiii6QFlagsIN2Qt13AlignmentFlagEE
_ZN11QGridLayoutC1EP7QWidget
_ZN12QApplication4execEv
_ZN12QApplicationC1ERiPPci
_ZN12QApplicationD1Ev
_ZN15QAbstractSlider16staticMetaObjectE
_ZN5QDial17setNotchesVisibleEb
_ZN5QDialC1EP7QWidget
_ZN7QWidget12setAttributeEN2Qt15WidgetAttributeEb
_ZN7QWidget13showMaximizedEv
_ZN7QWidget14setWindowTitleERK7QString
_ZN7QWidget6resizeERK5QSize
_ZN7QWidgetC1EPS_6QFlagsIN2Qt10WindowTypeEE
_ZN7QWidgetD1Ev

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 104B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE

/19
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_MEM_DISCARDABLE

/35
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_MEM_DISCARDABLE

/47
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_MEM_DISCARDABLE

/61
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_MEM_DISCARDABLE

/73
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_DISCARDABLE

/86
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_MEM_DISCARDABLE

/97
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_MEM_DISCARDABLE

/108
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

f2a6d99f971979af4ce735928ce83dd1

Headers

File Characteristics

Imports

kernel32

mingwm10

msvcrt

libgcc_s_dw2-1

qtcored4

qtguid4

Sections

.text Size: 33KB - Virtual size: 32KB

.data Size: 25KB - Virtual size: 25KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 104B

.idata Size: 4KB - Virtual size: 3KB

/4 Size: 2KB - Virtual size: 1KB

/19 Size: 6KB - Virtual size: 5KB

/35 Size: 328KB - Virtual size: 328KB

/47 Size: 16KB - Virtual size: 16KB

/61 Size: 18KB - Virtual size: 17KB

/73 Size: 6KB - Virtual size: 6KB

/86 Size: 9KB - Virtual size: 9KB

/97 Size: 28KB - Virtual size: 27KB

/108 Size: 7KB - Virtual size: 6KB

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 25KB - Virtual size: 25KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 104B

.idata
Size: 4KB - Virtual size: 3KB

/4
Size: 2KB - Virtual size: 1KB

/19
Size: 6KB - Virtual size: 5KB

/35
Size: 328KB - Virtual size: 328KB

/47
Size: 16KB - Virtual size: 16KB

/61
Size: 18KB - Virtual size: 17KB

/73
Size: 6KB - Virtual size: 6KB

/86
Size: 9KB - Virtual size: 9KB

/97
Size: 28KB - Virtual size: 27KB

/108
Size: 7KB - Virtual size: 6KB