61318e1a4eedb4edfee2d90306c79657106f13b22d5ea007c5bb300992cbc521

Sharing

Copy URL Twitter E-mail

General

Target

61318e1a4eedb4edfee2d90306c79657106f13b22d5ea007c5bb300992cbc521
Size

984KB
MD5

92f89085cf1d0daf715135b643b219cf
SHA1

21132ae425cdefba226a64c9a9a883c7c119377a
SHA256

61318e1a4eedb4edfee2d90306c79657106f13b22d5ea007c5bb300992cbc521
SHA512

e2b502dc4879ba8a0fdbb782340d57ef374d2dfede2398b39c6ac0a87de6511800ab1e689fcb3e538be152e4926fd9a6bc482a8a2680c6c7c42a0b707305a8aa
SSDEEP

24576:qH0bXtL+GLJbHbU5btSG0Mzzugkpqs543H:zbXtDLJDabtSGxzurpzo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61318e1a4eedb4edfee2d90306c79657106f13b22d5ea007c5bb300992cbc521

Files

61318e1a4eedb4edfee2d90306c79657106f13b22d5ea007c5bb300992cbc521
.exe windows:6 windows x86 arch:x86

b56366ac6e7aa8fca793e060afd65b1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\qci_workspace\root-workspaces\__qci-pipeline-10989746-1\Basic\Output\BinFinal\CubeNetSpeedTest.pdb

Imports

imm32

ImmDisableIME

wininet

InternetReadFile
InternetSetOptionW
HttpSendRequestExW
HttpAddRequestHeadersW
HttpQueryInfoW
InternetOpenW
InternetWriteFile
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
HttpSendRequestW
HttpEndRequestW

gdiplus

GdipSetSmoothingMode
GdipCreatePath
GdipCreateSolidFill
GdiplusShutdown
GdipAddPathLine2I
GdipAddPathLineI
GdipFree
GdipDeletePath
GdipCreateFromHDC
GdipDrawCurve2I
GdipCloneBrush
GdipDeleteGraphics
GdipDeletePen
GdipCreatePen1
GdiplusStartup
GdipAddPathCurveI
GdipAlloc
GdipDrawLinesI
GdipDeleteBrush
GdipFillPath

ws2_32

gethostname
inet_addr
htons
htonl
gethostbyname

common

??1CTXStringA@@QAE@XZ
??0CTXStringA@@QAE@XZ
??M@YA_NABVCTXStringA@@0@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
?TXAssert@@YAHPB_W0H@Z
??7CTXStringW@@QBE_NXZ
??0CTXStringW@@QAE@PB_W@Z
??0CTXStringW@@QAE@UtagEN@@PBDH@Z
??1CTXStringW@@QAE@XZ
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
??0CTXTime@@QAE@_J@Z
??BCTXBSTR@@QBEPA_WXZ
??1CTXBSTR@@QAE@XZ
??0CTXBSTR@@QAE@PB_W@Z
?GetBuffer@CTXStringW@@QAEPA_WXZ
?Format@CTXTime@@QBE?AVCTXStringW@@PB_W@Z
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
?Find@CTXStringW@@QBEHPB_WH@Z
?GetFileName@FS@Util@@YA?AVCTXStringW@@ABV3@@Z
?IsEmpty@CTXStringW@@QBE_NXZ
??YCTXStringW@@QAEAAV0@ABV0@@Z
?GetLength@CTXStringW@@QBEHXZ
??0CTXStringW@@QAE@ABV0@@Z
?NotifyIdle@TXTimer@@YAXXZ
?AddIdleCallback@Window@Util@@YAJPAVVTXMsgLoopIdleCallback@@@Z
?GetParentDir@File@Util@@YA?AVCTXStringW@@ABV3@@Z
?Format@CTXStringA@@QAAXPBDZZ
?InitPlatform@CoreCenter@Util@@YAHPA_W@Z
?ReleaseBuffer@CTXStringW@@QAEXH@Z
??4CTXStringW@@QAEAAV0@PA_W@Z
?GetPlatformTpc@CoreCenter@Util@@YAHPAPAUITXDataRead@@@Z
?GetPlatformCore@CoreCenter@Util@@YAHPAPAUITXPlatformCore@@@Z
??0CTXBSTR@@QAE@XZ
??ICTXBSTR@@QAEPAPA_WXZ
??8CTXBSTR@@QBE_NPB_W@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
?RemoveFileSystem@FS@@YAHPB_W@Z
?AddFileSystem@FS@@YAJW4FILESYSTEM_TYPE@@PB_W1HHH@Z
?IsDirectoryExist@FS@@YAHPB_W@Z
?SplitQNC@FS@@YAHPB_WAAVCTXStringW@@1@Z
?GetLocalePath@TXI18N@@YA?AVCTXStringW@@PB_W@Z
?TrimLeft@CTXStringW@@QAEAAV1@PB_W@Z
??M@YA_NABVCTXStringW@@0@Z
??0CTXStringW@@QAE@XZ
?AddFmtString@TXStringBundle@@YAXABVCFmtString@@@Z
?PropertyStr@CFmtString@@QAEHPB_W0@Z
??1CFmtString@@QAE@XZ
??0CFmtString@@QAE@XZ
?SetMainAndLogicThreadId@Misc@Util@@YAXKK@Z
?GetParentDir@FS@Util@@YA?AVCTXStringW@@V3@@Z
?InitPlatformGFConfig@Boot@Util@@YAHXZ
?InitPlatformCoreConfig@Boot@Util@@YAHXZ
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
?Replace@CTXStringW@@QAEHPB_W0@Z
??0CTXStringW@@QAE@PA_W@Z
?CreateObjectFromDllFile@Com@Util@@YGJPB_WABU_GUID@@1PAPAXPAUIUnknown@@@Z
?InitPlatformI18NConfig@Boot@Util@@YAHXZ
?DelIdleCallback@Window@Util@@YAJPAVVTXMsgLoopIdleCallback@@@Z
?ClearDeadQueue@Misc@Util@@YAXXZ
??BCTXStringW@@QBEPB_WXZ
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?OnExitCoreCenter@Misc@Util@@YAXXZ
?OnExitWinMain@Misc@Util@@YAXXZ
?OnUninitCom@Misc@Util@@YAXXZ

gf

??0CDPIScaleIgnoreHelper@@QAE@XZ
??1CDPIScaleIgnoreHelper@@QAE@XZ
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@PAUITXCore@@H@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?ScaleX@DPI@GF@Util@@YAHH@Z
?SetDPIAdaptFlag@DPI@GF@Util@@YAXH@Z
?SetCustomObjectFactory@GF@Util@@YAXP6AHABU_GUID@@0PAPAX@Z@Z

xgraphic32

GetTextureHandle
GetCanvasHandle

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

UnhandledExceptionFilter
WaitForMultipleObjects
GetSystemDirectoryW
GetModuleHandleExW
VirtualQuery
lstrlenW
MapViewOfFileEx
GetSystemDefaultLangID
GetNativeSystemInfo
GetSystemPowerStatus
MoveFileW
MoveFileExW
lstrcpynW
OpenProcess
SetErrorMode
SearchPathW
CreateProcessW
SetUnhandledExceptionFilter
WriteProcessMemory
lstrcmpiW
GetCommandLineW
FindResourceExW
FindResourceW
SizeofResource
LockResource
LoadResource
ReleaseMutex
FlushFileBuffers
GetTickCount
QueryPerformanceCounter
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
FreeLibrary
LockFileEx
LocalFree
UnlockFile
GetSystemInfo
DeleteFileW
DeleteFileA
LoadLibraryA
CreateFileA
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
GetVersionExW
GetFileAttributesW
GetTempPathW
UnlockFileEx
GetFullPathNameA
SwitchToThread
InitializeCriticalSectionAndSpinCount
LockFile
GetDiskFreeSpaceW
WriteFile
GetFullPathNameW
AreFileApisANSI
WideCharToMultiByte
MultiByteToWideChar
ReadFile
GetFileSize
CreateFileW
SetEndOfFile
SetFilePointer
MapViewOfFile
CreateFileMappingW
IsBadReadPtr
GetCurrentProcessId
ResetEvent
TerminateThread
SetEvent
GetTickCount64
CreateEventW
UnmapViewOfFile
OpenFileMappingW
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent
LoadLibraryExW
SetDllDirectoryW
GetModuleHandleW
GetProcessHeap
DeleteCriticalSection
GetProcAddress
HeapDestroy
HeapAlloc
LoadLibraryW
RaiseException
CloseHandle
HeapReAlloc
GetLastError
Sleep
HeapSize
GetCurrentThreadId
InitializeCriticalSectionEx
CreateMutexW
GetModuleFileNameW
GetStartupInfoW
IsProcessorFeaturePresent
InitializeSListHead
TerminateProcess
GetCurrentProcess
SetLastError
HeapFree
OutputDebugStringW
WaitForSingleObjectEx

user32

IsWindow
MsgWaitForMultipleObjects
SendMessageTimeoutW
PeekMessageW
FindWindowW
PostThreadMessageW
CopyRect
SetRectEmpty
DispatchMessageW
GetWindowThreadProcessId
GetMessageW
SetWindowPos
MessageBoxW
ShowWindow
LoadImageW
RedrawWindow
AttachThreadInput
GetForegroundWindow
SetForegroundWindow
SendMessageW
RegisterClassExW
RegisterWindowMessageW
CreateWindowExW
PostMessageW
SetWindowLongW
GetWindowLongW
DefWindowProcW
DestroyWindow
TranslateMessage
WaitMessage

gdi32

CreateCompatibleDC
SelectObject
ExtSelectClipRgn
EndPath
PathToRegion
DeleteDC
Pie
BeginPath
DeleteObject

advapi32

RegQueryInfoKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
RegSetValueExW
RegGetKeySecurity
RegDeleteKeyW
RegDeleteValueW
RegFlushKey
RegEnumValueW
RegNotifyChangeKeyValue
RegCreateKeyExW
RegSetKeySecurity

ole32

CoUninitialize
OleInitialize
CoInitialize

oleaut32

SysFreeString
LoadTypeLi
LoadRegTypeLi
SysStringLen

msvcp140

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z

shlwapi

PathMakePrettyW
PathCombineW
PathFindFileNameW
PathRemoveFileSpecW
SHGetValueW
StrToIntW
PathAppendW
StrStrIW
PathAddBackslashW
PathFileExistsW
PathStripPathW

comctl32

InitCommonControlsEx

msimg32

AlphaBlend

iphlpapi

GetIfEntry2
GetIfTable
GetAdaptersInfo
GetBestInterface
GetAdaptersAddresses

wlanapi

WlanGetAvailableNetworkList
WlanCloseHandle
WlanEnumInterfaces
WlanOpenHandle

psapi

EnumProcesses
GetProcessMemoryInfo
GetModuleBaseNameW
GetModuleFileNameExW
EnumProcessModules

vcruntime140

__RTDynamicCast
_CxxThrowException
memcmp
__CxxFrameHandler3
__std_exception_destroy
_except_handler4_common
memcpy
__current_exception
memset
_set_purecall_handler
__std_exception_copy
_purecall
__std_type_info_name
__current_exception_context
__std_terminate
memmove
wcschr
wcsrchr
wcsstr

api-ms-win-crt-heap-l1-1-0

free
realloc
_set_new_mode
malloc
_callnewh
_recalloc

api-ms-win-crt-string-l1-1-0

wcsncmp
wcsnlen
wmemcpy_s
strncmp
wcsncpy_s
_wcsicmp
strncpy_s
wcsncat_s
_wcsnicmp
wcscpy_s
_stricmp
strcpy_s

api-ms-win-crt-runtime-l1-1-0

_cexit
_seh_filter_exe
_set_app_type
_crt_atexit
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
exit
_exit
_beginthreadex
_c_exit
_register_thread_local_exe_atexit_callback
_register_onexit_function
_set_invalid_parameter_handler
_controlfp_s
_initialize_onexit_table
set_terminate
terminate
_invalid_parameter_noinfo
__p___wargv
_initterm_e
_errno
_invalid_parameter_noinfo_noreturn
__p___argc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsnwprintf_s
_set_fmode
__stdio_common_vsprintf_s
__stdio_common_vswscanf
__stdio_common_vsprintf
__p__commode
__stdio_common_vswprintf_s

api-ms-win-crt-time-l1-1-0

_time64
_difftime64
_localtime64_s

api-ms-win-crt-convert-l1-1-0

_strtoi64
_wtol

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-filesystem-l1-1-0

_wsplitpath_s

api-ms-win-crt-math-l1-1-0

_libm_sse2_tan_precise
_libm_sse2_sqrt_precise
__setusermatherr

Sections

.text
Size: 705KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b56366ac6e7aa8fca793e060afd65b1f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

imm32

wininet

gdiplus

ws2_32

common

gf

xgraphic32

version

kernel32

user32

gdi32

advapi32

ole32

oleaut32

msvcp140

shlwapi

comctl32

msimg32

iphlpapi

wlanapi

psapi

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 705KB - Virtual size: 704KB

.rdata Size: 165KB - Virtual size: 164KB

.data Size: 48KB - Virtual size: 52KB

.rsrc Size: 27KB - Virtual size: 27KB

.reloc Size: 37KB - Virtual size: 37KB

.text
Size: 705KB - Virtual size: 704KB

.rdata
Size: 165KB - Virtual size: 164KB

.data
Size: 48KB - Virtual size: 52KB

.rsrc
Size: 27KB - Virtual size: 27KB

.reloc
Size: 37KB - Virtual size: 37KB