4ade8ffa0cbcf4bd3e93d3bdb07347ef4e5576542d1b350a127b1e814c8bfd2d

Sharing

Copy URL Twitter E-mail

General

Target

4ade8ffa0cbcf4bd3e93d3bdb07347ef4e5576542d1b350a127b1e814c8bfd2d
Size

598KB
MD5

e17b7c9837ce9076bc7270d9e42c68f6
SHA1

643e6a30a23113937266531de12c4fcd2df7cbc5
SHA256

4ade8ffa0cbcf4bd3e93d3bdb07347ef4e5576542d1b350a127b1e814c8bfd2d
SHA512

3671bac05962d7f95351e1aa056fe1b0009aff29514aa3bd98a5ba98992771f2435094d445d6f52d329246a18b843efad6d206fd6f18f7a203c3b5055670be33
SSDEEP

12288:2ZhENAkvVuKSuKV5+KZWlPRfvIxavjnVbu:2vENAkduKBK/+KZQBvIxaLVbu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ade8ffa0cbcf4bd3e93d3bdb07347ef4e5576542d1b350a127b1e814c8bfd2d

Files

4ade8ffa0cbcf4bd3e93d3bdb07347ef4e5576542d1b350a127b1e814c8bfd2d
.exe windows:4 windows x86 arch:x86

944a64be84fe849732bfa94ba21b96da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

lua51

luaL_error
luaL_loadfile
luaL_newstate
luaL_openlibs
lua_call
lua_close
lua_gc
lua_getfield
lua_gettop
lua_insert
lua_isnumber
lua_isstring
lua_pcall
lua_pushcclosure
lua_pushinteger
lua_pushstring
lua_pushvalue
lua_remove
lua_sethook
lua_settop
lua_tolstring
lua_tonumber
lua_type

vbar

vbar_channel_open
vrpc_call

qt5core

_Z21qRegisterResourceDataiPKhS0_S0_
_Z23qUnregisterResourceDataiPKhS0_S0_
_Z4endlR11QTextStream
_ZN10QArrayData10deallocateEPS_jj
_ZN10QArrayData11shared_nullE
_ZN10QByteArray11reallocDataEj6QFlagsIN10QArrayData16AllocationOptionEE
_ZN10QByteArrayC1EPKci
_ZN10QTextCodec12codecForNameERK10QByteArray
_ZN10QTextCodec17setCodecForLocaleEPS_
_ZN11QMetaObject18connectSlotsByNameEP7QObject
_ZN11QTextStreamlsERK7QString
_ZN11QTextStreamlsEc
_ZN11QTextStreamlsEi
_ZN11QTranslator4loadERK7QStringS2_S2_S2_
_ZN11QTranslatorC1EP7QObject
_ZN16QCoreApplication16removeTranslatorEP11QTranslator
_ZN16QCoreApplication17installTranslatorEP11QTranslator
_ZN16QCoreApplication18applicationDirPathEv
_ZN16QCoreApplication9translateEPKcS1_S1_i
_ZN6QDebug9putStringEPK5QCharj
_ZN6QDebugD1Ev
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject13connectNotifyERK11QMetaMethod
_ZN7QObject13setObjectNameERK7QString
_ZN7QObject16disconnectNotifyERK11QMetaMethod
_ZN7QObject16staticMetaObjectE
_ZN7QObject18installEventFilterEPS_
_ZN7QRegExpC1ERK7QStringN2Qt15CaseSensitivityENS_13PatternSyntaxE
_ZN7QRegExpD1Ev
_ZN7QString13toUtf8_helperERKS_
_ZN7QString14compare_helperEPK5QChariPKciN2Qt15CaseSensitivityE
_ZN7QString15fromUtf8_helperEPKci
_ZN7QString15toLatin1_helperERKS_
_ZN7QString16fromAscii_helperEPKci
_ZN7QString17fromLatin1_helperEPKci
_ZN7QString18toLocal8Bit_helperEPK5QChari
_ZN7QString6appendERKS_
_ZN7QString6numberEii
_ZN7QStringaSERKS_
_ZN9QListData11detach_growEPii
_ZN9QListData11shared_nullE
_ZN9QListData6appendEv
_ZN9QListData7disposeEPNS_4DataE
_ZNK11QMetaObject2trEPKcS1_i
_ZNK11QObjectData17dynamicMetaObjectEv
_ZNK14QMessageLogger5debugEPKcz
_ZNK14QMessageLogger5debugEv
_ZNK7QObject10objectNameEv
_ZNK7QString3midEii
_ZNK7QString4leftEi
_ZNK7QString5rightEi
_ZNK7QString5toIntEPbi
_ZNK7QString7compareERKS_N2Qt15CaseSensitivityE
_ZNK7QString7indexOfERKS_iN2Qt15CaseSensitivityE

qt5gui

_ZN13QIntValidatorC1EiiP7QObject
_ZN16QRegExpValidatorC1ERK7QRegExpP7QObject
_ZN5QFont12setPointSizeEi
_ZN5QFont8setStyleENS_5StyleE
_ZN5QFont9setFamilyERK7QString
_ZN5QFont9setWeightEi
_ZN5QFontC1ERK7QStringiib
_ZN5QFontC1Ev
_ZN5QFontD1Ev
_ZN6QBrushC1ERK6QColorN2Qt10BrushStyleE
_ZN6QBrushD1Ev
_ZN6QColorC1EN2Qt11GlobalColorE
_ZN6QImageC1EiiNS_6FormatE
_ZN6QImageD1Ev
_ZN7QPixmap9fromImageERK6QImage6QFlagsIN2Qt19ImageConversionFlagEE
_ZN7QPixmapD1Ev
_ZN8QPainter6setPenEN2Qt8PenStyleE
_ZN8QPainter8setBrushERK6QBrush
_ZN8QPainter9drawRectsEPK5QRecti
_ZN8QPainter9drawRectsEPK6QRectFi
_ZN8QPainterC1EP12QPaintDevice
_ZN8QPainterD1Ev

qt5widgets

_ZN10QBoxLayout10setSpacingEi
_ZN10QBoxLayout9addLayoutEP7QLayouti
_ZN10QBoxLayout9addWidgetEP7QWidgeti6QFlagsIN2Qt13AlignmentFlagEE
_ZN10QTabWidget10setTabTextEiRK7QString
_ZN10QTabWidget11setTabShapeENS_8TabShapeE
_ZN10QTabWidget13setTabEnabledEib
_ZN10QTabWidget15setCurrentIndexEi
_ZN10QTabWidget6addTabEP7QWidgetRK7QString
_ZN10QTabWidgetC1EP7QWidget
_ZN11QHBoxLayoutC1EP7QWidget
_ZN11QHBoxLayoutC1Ev
_ZN11QMessageBox11informationEP7QWidgetRK7QStringS4_6QFlagsINS_14StandardButtonEES6_
_ZN11QPushButtonC1EP7QWidget
_ZN11QToolButtonC1EP7QWidget
_ZN11QVBoxLayoutC1EP7QWidget
_ZN11QVBoxLayoutC1Ev
_ZN12QApplication4execEv
_ZN12QApplicationC1ERiPPci
_ZN12QApplicationD1Ev
_ZN12QRadioButtonC1EP7QWidget
_ZN14QStackedWidget15setCurrentIndexEi
_ZN14QStackedWidget9addWidgetEP7QWidget
_ZN14QStackedWidgetC1EP7QWidget
_ZN15QAbstractButton10setCheckedEb
_ZN15QAbstractButton11setIconSizeERK5QSize
_ZN15QAbstractButton12setCheckableEb
_ZN15QAbstractButton7setTextERK7QString
_ZN15QAbstractSlider10setMaximumEi
_ZN15QAbstractSlider14setOrientationEN2Qt11OrientationE
_ZN15QAbstractSlider8setValueEi
_ZN18QCommandLinkButtonC1EP7QWidget
_ZN6QFrame12setLineWidthEi
_ZN6QFrame13setFrameShapeENS_5ShapeE
_ZN6QFrame14setFrameShadowENS_6ShadowE
_ZN6QFrame15setMidLineWidthEi
_ZN6QLabel12setAlignmentE6QFlagsIN2Qt13AlignmentFlagEE
_ZN6QLabel7setTextERK7QString
_ZN6QLabel9setPixmapERK7QPixmap
_ZN6QLabelC1EP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN7QLayout18setContentsMarginsEiiii
_ZN7QSliderC1EP7QWidget
_ZN7QWidget10closeEventEP11QCloseEvent
_ZN7QWidget10enterEventEP6QEvent
_ZN7QWidget10leaveEventEP6QEvent
_ZN7QWidget10paintEventEP11QPaintEvent
_ZN7QWidget10setEnabledEb
_ZN7QWidget10setVisibleEb
_ZN7QWidget10wheelEventEP11QWheelEvent
_ZN7QWidget11actionEventEP12QActionEvent
_ZN7QWidget11changeEventEP6QEvent
_ZN7QWidget11nativeEventERK10QByteArrayPvPl
_ZN7QWidget11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QWidget11qt_metacastEPKc
_ZN7QWidget11resizeEventEP12QResizeEvent
_ZN7QWidget11setGeometryERK5QRect
_ZN7QWidget11tabletEventEP12QTabletEvent
_ZN7QWidget12focusInEventEP11QFocusEvent
_ZN7QWidget12setFixedSizeEii
_ZN7QWidget13dragMoveEventEP14QDragMoveEvent
_ZN7QWidget13focusOutEventEP11QFocusEvent
_ZN7QWidget13keyPressEventEP9QKeyEvent
_ZN7QWidget13setSizePolicyE11QSizePolicy
_ZN7QWidget13setStyleSheetERK7QString
_ZN7QWidget14dragEnterEventEP15QDragEnterEvent
_ZN7QWidget14dragLeaveEventEP15QDragLeaveEvent
_ZN7QWidget14mouseMoveEventEP11QMouseEvent
_ZN7QWidget14setMinimumSizeEii
_ZN7QWidget14setWindowTitleERK7QString
_ZN7QWidget15keyReleaseEventEP9QKeyEvent
_ZN7QWidget15mousePressEventEP11QMouseEvent
_ZN7QWidget16contextMenuEventEP17QContextMenuEvent
_ZN7QWidget16inputMethodEventEP17QInputMethodEvent
_ZN7QWidget16staticMetaObjectE
_ZN7QWidget17mouseReleaseEventEP11QMouseEvent
_ZN7QWidget18focusNextPrevChildEb
_ZN7QWidget21mouseDoubleClickEventEP11QMouseEvent
_ZN7QWidget4showEv
_ZN7QWidget5closeEv
_ZN7QWidget5eventEP6QEvent
_ZN7QWidget6resizeERK5QSize
_ZN7QWidget7setFontERK5QFont
_ZN7QWidget9dropEventEP10QDropEvent
_ZN7QWidget9hideEventEP10QHideEvent
_ZN7QWidget9moveEventEP10QMoveEvent
_ZN7QWidget9showEventEP10QShowEvent
_ZN7QWidgetC1EPS_6QFlagsIN2Qt10WindowTypeEE
_ZN7QWidgetC2EPS_6QFlagsIN2Qt10WindowTypeEE
_ZN7QWidgetD2Ev
_ZN9QCheckBoxC1EP7QWidget
_ZN9QComboBox11insertItemsEiRK11QStringList
_ZN9QComboBox14setCurrentTextERK7QString
_ZN9QComboBox15setCurrentIndexEi
_ZN9QComboBox5clearEv
_ZN9QComboBoxC1EP7QWidget
_ZN9QGroupBox8setTitleERK7QString
_ZN9QGroupBoxC1EP7QWidget
_ZN9QLineEdit11setReadOnlyEb
_ZN9QLineEdit12setMaxLengthEi
_ZN9QLineEdit12setValidatorEPK10QValidator
_ZN9QLineEdit7setTextERK7QString
_ZN9QLineEditC1EP7QWidget
_ZN9QSplitter14setOrientationEN2Qt11OrientationE
_ZN9QSplitter9addWidgetEP7QWidget
_ZN9QSplitterC1EP7QWidget
_ZNK10QTabWidget7indexOfEP7QWidget
_ZNK15QAbstractButton4textEv
_ZNK15QAbstractButton9isCheckedEv
_ZNK15QAbstractSlider5valueEv
_ZNK6QLabel4textEv
_ZNK7QWidget10redirectedEP6QPoint
_ZNK7QWidget10sizePolicyEv
_ZNK7QWidget11initPainterEP8QPainter
_ZNK7QWidget11paintEngineEv
_ZNK7QWidget13sharedPainterEv
_ZNK7QWidget14heightForWidthEi
_ZNK7QWidget15minimumSizeHintEv
_ZNK7QWidget16inputMethodQueryEN2Qt16InputMethodQueryE
_ZNK7QWidget17hasHeightForWidthEv
_ZNK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZNK7QWidget7devTypeEv
_ZNK7QWidget8sizeHintEv
_ZNK9QCheckBox10checkStateEv
_ZNK9QComboBox11currentTextEv
_ZNK9QComboBox12currentIndexEv
_ZNK9QLineEdit4textEv
_ZTV11QSpacerItem
_ZThn8_NK7QWidget10redirectedEP6QPoint
_ZThn8_NK7QWidget11initPainterEP8QPainter
_ZThn8_NK7QWidget11paintEngineEv
_ZThn8_NK7QWidget13sharedPainterEv
_ZThn8_NK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZThn8_NK7QWidget7devTypeEv

libgcc_s_dw2-1

_Unwind_Resume
__deregister_frame_info
__register_frame_info
__udivdi3
__umoddi3

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_fmode
_initterm
_iob
_lock
_onexit
_unlock
abort
atoi
calloc
exit
fflush
fprintf
fputc
free
fwrite
getenv
localeconv
malloc
memmove
memset
memcpy
printf
puts
realloc
setlocale
signal
strchr
strcmp
strerror
strlen
strncmp
vfprintf
wcslen

shell32

CommandLineToArgvW

ws2_32

htonl
ntohl

libstdc++-6

_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERjj
_ZSt19__throw_logic_errorPKc
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZdaPv
_ZdlPv
_Znaj
_Znwj
__cxa_begin_catch
__cxa_end_catch
__cxa_rethrow
__gxx_personality_v0

Sections

.text
Size: 400KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

944a64be84fe849732bfa94ba21b96da

Headers

File Characteristics

Imports

lua51

vbar

qt5core

qt5gui

qt5widgets

libgcc_s_dw2-1

kernel32

msvcrt

shell32

ws2_32

libstdc++-6

Sections

.text Size: 400KB - Virtual size: 400KB

.data Size: 512B - Virtual size: 124B

.rdata Size: 157KB - Virtual size: 156KB

/4 Size: 23KB - Virtual size: 23KB

.bss Size: - Virtual size: 3KB

.idata Size: 14KB - Virtual size: 14KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

.text
Size: 400KB - Virtual size: 400KB

.data
Size: 512B - Virtual size: 124B

.rdata
Size: 157KB - Virtual size: 156KB

/4
Size: 23KB - Virtual size: 23KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 14KB - Virtual size: 14KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B