d00600d1874fd2857208b7e17b14996ad48760b5a84422e36a2174fe4aa6ce3b

Sharing

Copy URL Twitter E-mail

General

Target

d00600d1874fd2857208b7e17b14996ad48760b5a84422e36a2174fe4aa6ce3b
Size

842KB
MD5

2cfffbfb0c7dd5bdfee5d9e4fdfaca2f
SHA1

444e6245e177b0655b88f9ddf41d4c5b9520b6f9
SHA256

d00600d1874fd2857208b7e17b14996ad48760b5a84422e36a2174fe4aa6ce3b
SHA512

08d470425b3e7ae6e8598de47508c44d94c471a2a0702b599ecf4ba37b86a73b9d51346a44e7172252240b5ee9b4b7f33d3e8722a924687094e868b1460032a4
SSDEEP

6144:+ICm4vygtFbnLJBb8QjBZvxLipx56XaFcmaXqDEmqI0FrnlpWkCzrGArAnrCD05Y:o/ygtFbn9BRBZApvMsg0zPGAUnZ9w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d00600d1874fd2857208b7e17b14996ad48760b5a84422e36a2174fe4aa6ce3b

Files

d00600d1874fd2857208b7e17b14996ad48760b5a84422e36a2174fe4aa6ce3b
.exe windows:4 windows x64 arch:x64

fe270ae8edd1da842e16fd85ef4113d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5core

_Z5qHashRK7QStringj
_ZN10QArrayData10deallocateEPS_yy
_ZN10QArrayData11shared_nullE
_ZN10QByteArray11reallocDataEj6QFlagsIN10QArrayData16AllocationOptionEE
_ZN10QByteArray6appendEPKci
_ZN10QByteArray6appendEc
_ZN10QByteArray6resizeEi
_ZN10QByteArrayC1Eic
_ZN11QDataStream11resetStatusEv
_ZN11QDataStream9setStatusENS_6StatusE
_ZN11QDataStreamC2EP10QByteArray6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN11QDataStreamC2EP9QIODevice
_ZN11QDataStreamC2ERK10QByteArray
_ZN11QDataStreamD2Ev
_ZN11QDataStreamlsEa
_ZN11QDataStreamlsEb
_ZN11QDataStreamlsEf
_ZN11QDataStreamlsEi
_ZN11QDataStreamlsEx
_ZN11QDataStreamrsERa
_ZN11QDataStreamrsERb
_ZN11QDataStreamrsERf
_ZN11QDataStreamrsERi
_ZN11QDataStreamrsERx
_ZN11QMetaObject10ConnectionD1Ev
_ZN11QMetaObject14normalizedTypeEPKc
_ZN11QMetaObject8activateEP7QObjectPKS_iPPv
_ZN11QTextStreamlsEPKc
_ZN11QTextStreamlsERK7QString
_ZN11QTextStreamlsEc
_ZN11QTextStreamlsEf
_ZN11QTextStreamlsEi
_ZN11QTextStreamlsEj
_ZN11QTextStreamlsEy
_ZN16QCoreApplication18setApplicationNameERK7QString
_ZN16QCoreApplication21setApplicationVersionERK7QString
_ZN16QCoreApplication4execEv
_ZN16QCoreApplication9translateEPKcS1_S1_i
_ZN16QCoreApplicationC1ERiPPci
_ZN16QCoreApplicationD1Ev
_ZN18QCommandLineOptionC1ERK11QStringListRK7QStringS5_S5_
_ZN18QCommandLineOptionD1Ev
_ZN18QCommandLineParser13addHelpOptionEv
_ZN18QCommandLineParser16addVersionOptionEv
_ZN18QCommandLineParser25setApplicationDescriptionERK7QString
_ZN18QCommandLineParser7processERK16QCoreApplication
_ZN18QCommandLineParser9addOptionERK18QCommandLineOption
_ZN18QCommandLineParserC1Ev
_ZN18QCommandLineParserD1Ev
_ZN6QDebug12putByteArrayEPKcyNS_13Latin1ContentE
_ZN6QDebug9putStringEPK5QChary
_ZN6QDebugD1Ev
_ZN6QTimer16staticMetaObjectE
_ZN6QTimer5startEi
_ZN6QTimer7timeoutENS_14QPrivateSignalE
_ZN6QTimerC1EP7QObject
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11connectImplEPKS_PPvS1_S3_PN9QtPrivate15QSlotObjectBaseEN2Qt14ConnectionTypeEPKiPK11QMetaObject
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11deleteLaterEv
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QObject11qt_metacastEPKc
_ZN7QObject13connectNotifyERK11QMetaMethod
_ZN7QObject16disconnectNotifyERK11QMetaMethod
_ZN7QObject16staticMetaObjectE
_ZN7QObject5eventEP6QEvent
_ZN7QObjectC2EPS_
_ZN7QObjectD2Ev
_ZN7QString13toUtf8_helperERKS_
_ZN7QString14trimmed_helperERS_
_ZN7QString15fromUtf8_helperEPKci
_ZN7QString16fromAscii_helperEPKci
_ZN7QString6appendERKS_
_ZN7QStringaSERKS_
_ZN9QDateTime15currentDateTimeEv
_ZN9QDateTimeC1ERKS_
_ZN9QDateTimeC1Ev
_ZN9QDateTimeD1Ev
_ZN9QDateTimeaSERKS_
_ZN9QHashData11free_helperEPFvPNS_4NodeEE
_ZN9QHashData11shared_nullE
_ZN9QHashData12allocateNodeEi
_ZN9QHashData12previousNodeEPNS_4NodeE
_ZN9QHashData13detach_helperEPFvPNS_4NodeEPvEPFvS1_Eii
_ZN9QHashData6rehashEi
_ZN9QHashData8freeNodeEPv
_ZN9QHashData8nextNodeEPNS_4NodeE
_ZN9QIODevice16staticMetaObjectE
_ZN9QIODevice4openE6QFlagsINS_12OpenModeFlagEE
_ZN9QIODevice4seekEx
_ZN9QIODevice5resetEv
_ZN9QIODevice9readyReadEv
_ZN9QListData11detach_growEPii
_ZN9QListData11shared_nullE
_ZN9QListData6appendEv
_ZN9QListData6detachEi
_ZN9QListData7disposeEPNS_4DataE
_ZN9QListData7reallocEi
_ZN9QMetaType22registerNormalizedTypeERK10QByteArrayPFvPvEPFS3_S3_PKvEi6QFlagsINS_8TypeFlagEEPK11QMetaObject
_ZN9QMetaType23registerStreamOperatorsEPKcPFvR11QDataStreamPKvEPFvS3_PvE
_ZN9QMetaType25registerConverterFunctionEPKN9QtPrivate25AbstractConverterFunctionEii
_ZN9QMetaType25registerNormalizedTypedefERK10QByteArrayi
_ZN9QMetaType27unregisterConverterFunctionEii
_ZN9QMetaType30hasRegisteredConverterFunctionEii
_ZN9QMetaType8typeNameEi
_ZNK10QByteArray6isNullEv
_ZNK10QByteArray8endsWithEc
_ZNK11QDataStream6statusEv
_ZNK11QMetaObject2trEPKcS1_i
_ZNK11QObjectData17dynamicMetaObjectEv
_ZNK14QMessageLogger5debugEv
_ZNK18QCommandLineParser5isSetERK18QCommandLineOption
_ZNK18QCommandLineParser5valueERK18QCommandLineOption
_ZNK18QCommandLineParser6valuesERK18QCommandLineOption
_ZNK7QString3argERKS_i5QChar
_ZNK7QString3argExii5QChar
_ZNK7QString3argEyii5QChar
_ZNK7QString6toUIntEPbi
_ZNK9QDateTime7addSecsEx
_ZNK9QDateTime8toStringERK7QString
_ZNK9QDateTimeltERKS_
_ZNK9QIODevice11errorStringEv
_ZNK9QIODevice20isTransactionStartedEv
_ZNK9QIODevice3posEv
_ZNK9QIODevice4sizeEv
_ZeqRK7QStringS1_
_Zls6QDebugRK5QTime
_Zls6QDebugRK9QDateTime
_ZlsR11QDataStreamRK10QByteArray
_ZlsR11QDataStreamRK5QTime
_ZrsR11QDataStreamR10QByteArray
_ZrsR11QDataStreamR5QTime
_ZrsR11QDataStreamR9QDateTime

qt5gui

_ZN6QColor10invalidateEv
_ZlsR11QDataStreamRK6QColor

qt5network

_Z5qHashRK12QHostAddressj
_ZN10QUdpSocket11qt_metacallEN11QMetaObject4CallEiPPv
_ZN10QUdpSocket11qt_metacastEPKc
_ZN10QUdpSocket12readDatagramEPcxP12QHostAddressPt
_ZN10QUdpSocket13writeDatagramEPKcxRK12QHostAddresst
_ZN10QUdpSocket16staticMetaObjectE
_ZN10QUdpSocket18joinMulticastGroupERK12QHostAddressRK17QNetworkInterface
_ZN10QUdpSocket19leaveMulticastGroupERK12QHostAddressRK17QNetworkInterface
_ZN10QUdpSocketC2EP7QObject
_ZN10QUdpSocketD2Ev
_ZN12QHostAddressC1ENS_14SpecialAddressE
_ZN12QHostAddressC1ERK7QString
_ZN12QHostAddressC1ERKS_
_ZN12QHostAddressC1Ev
_ZN12QHostAddressD1Ev
_ZN12QHostAddressaSERKS_
_ZN15QAbstractSocket12readLineDataEPcx
_ZN15QAbstractSocket12socketOptionENS_12SocketOptionE
_ZN15QAbstractSocket13connectToHostERK12QHostAddresst6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN15QAbstractSocket13connectToHostERK7QStringt6QFlagsIN9QIODevice12OpenModeFlagEENS_20NetworkLayerProtocolE
_ZN15QAbstractSocket15setSocketOptionENS_12SocketOptionERK8QVariant
_ZN15QAbstractSocket16waitForConnectedEi
_ZN15QAbstractSocket16waitForReadyReadEi
_ZN15QAbstractSocket17setReadBufferSizeEx
_ZN15QAbstractSocket18disconnectFromHostEv
_ZN15QAbstractSocket19setSocketDescriptorExNS_11SocketStateE6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN15QAbstractSocket19waitForBytesWrittenEi
_ZN15QAbstractSocket19waitForDisconnectedEi
_ZN15QAbstractSocket4bindERK12QHostAddresst6QFlagsINS_8BindFlagEE
_ZN15QAbstractSocket5closeEv
_ZN15QAbstractSocket5errorENS_11SocketErrorE
_ZN15QAbstractSocket6resumeEv
_ZN15QAbstractSocket8readDataEPcx
_ZN15QAbstractSocket9writeDataEPKcx
_ZN17QNetworkInterface13allInterfacesEv
_ZN17QNetworkInterface17interfaceFromNameERK7QString
_ZN17QNetworkInterfaceC1ERKS_
_ZN17QNetworkInterfaceD1Ev
_ZN20QNetworkAddressEntryC1ERKS_
_ZN20QNetworkAddressEntryD1Ev
_ZNK10QUdpSocket19hasPendingDatagramsEv
_ZNK10QUdpSocket19pendingDatagramSizeEv
_ZNK12QHostAddress11isMulticastEv
_ZNK12QHostAddress13toIPv4AddressEPb
_ZNK12QHostAddress6isNullEv
_ZNK12QHostAddress8protocolEv
_ZNK12QHostAddress8toStringEv
_ZNK12QHostAddresseqERKS_
_ZNK15QAbstractSocket11canReadLineEv
_ZNK15QAbstractSocket12bytesToWriteEv
_ZNK15QAbstractSocket12isSequentialEv
_ZNK15QAbstractSocket14bytesAvailableEv
_ZNK15QAbstractSocket16socketDescriptorEv
_ZNK15QAbstractSocket5atEndEv
_ZNK15QAbstractSocket5stateEv
_ZNK15QAbstractSocket9localPortEv
_ZNK17QNetworkInterface14addressEntriesEv
_ZNK17QNetworkInterface15hardwareAddressEv
_ZNK17QNetworkInterface17humanReadableNameEv
_ZNK17QNetworkInterface4nameEv
_ZNK17QNetworkInterface5flagsEv
_ZNK17QNetworkInterface5indexEv
_ZNK20QNetworkAddressEntry2ipEv

libgcc_s_seh-1

_Unwind_Resume

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
__C_specific_handler

msvcrt

__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_onexit
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strcmp
strlen
strncmp
vfprintf

libstdc++-6

_ZNKSt5ctypeIcE13_M_widen_initEv
_ZNSo3putEc
_ZNSo5flushEv
_ZNSo9_M_insertIbEERSoT_
_ZNSolsEi
_ZNSt13runtime_errorC1EPKc
_ZNSt13runtime_errorD1Ev
_ZNSt6locale6globalERKS_
_ZNSt6locale7classicEv
_ZNSt6localeD1Ev
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERyy
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZNSt9basic_iosIcSt11char_traitsIcEE5clearESt12_Ios_Iostate
_ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_x
_ZSt16__throw_bad_castv
_ZSt19__throw_logic_errorPKc
_ZSt4cerr
_ZSt4cout
_ZSt9terminatev
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZdlPv
_Znwy
__cxa_allocate_exception
__cxa_begin_catch
__cxa_end_catch
__cxa_free_exception
__cxa_guard_acquire
__cxa_guard_release
__cxa_rethrow
__cxa_throw
__gxx_personality_seh0

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 540KB - Virtual size: 539KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 512B - Virtual size: 307B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 1024B - Virtual size: 546B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 157B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe270ae8edd1da842e16fd85ef4113d1

Headers

File Characteristics

Imports

qt5core

qt5gui

qt5network

libgcc_s_seh-1

kernel32

msvcrt

libstdc++-6

Sections

.text Size: 101KB - Virtual size: 100KB

.data Size: 1024B - Virtual size: 640B

.rdata Size: 12KB - Virtual size: 11KB

.pdata Size: 2KB - Virtual size: 2KB

.xdata Size: 7KB - Virtual size: 6KB

.bss Size: - Virtual size: 2KB

.idata Size: 15KB - Virtual size: 15KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 540KB - Virtual size: 539KB

/4 Size: 512B - Virtual size: 80B

/19 Size: 7KB - Virtual size: 7KB

/31 Size: 512B - Virtual size: 307B

/45 Size: 1024B - Virtual size: 546B

/57 Size: 512B - Virtual size: 72B

/70 Size: 512B - Virtual size: 157B

.text
Size: 101KB - Virtual size: 100KB

.data
Size: 1024B - Virtual size: 640B

.rdata
Size: 12KB - Virtual size: 11KB

.pdata
Size: 2KB - Virtual size: 2KB

.xdata
Size: 7KB - Virtual size: 6KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 15KB - Virtual size: 15KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 540KB - Virtual size: 539KB

/4
Size: 512B - Virtual size: 80B

/19
Size: 7KB - Virtual size: 7KB

/31
Size: 512B - Virtual size: 307B

/45
Size: 1024B - Virtual size: 546B

/57
Size: 512B - Virtual size: 72B

/70
Size: 512B - Virtual size: 157B