750e2dc52b17db4c2bf8c7874e2f862618f4ce9f0caea887b7db6711158dcc07

Sharing

Copy URL Twitter E-mail

General

Target

750e2dc52b17db4c2bf8c7874e2f862618f4ce9f0caea887b7db6711158dcc07
Size

99KB
MD5

f7f3636f817a9902174d6a797e5f057b
SHA1

2e6a15d286b16243ab89ba31e78460b61f38e994
SHA256

750e2dc52b17db4c2bf8c7874e2f862618f4ce9f0caea887b7db6711158dcc07
SHA512

fe56b98e3c45e657b17e836f94ec46cd10e88ac21348a01ba3b7d19926a761e45b407ec98a2ed7beefbbd70803cf46a137224a8a8dbda35fc840bc99085275c1
SSDEEP

1536:yiP3FCujj9kZE7E/xEbK1rH3oYMmVcaMdBOnRJr:yi/FDQE7E/t1rH3oYMmHMPw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
750e2dc52b17db4c2bf8c7874e2f862618f4ce9f0caea887b7db6711158dcc07

Files

750e2dc52b17db4c2bf8c7874e2f862618f4ce9f0caea887b7db6711158dcc07
.exe windows:6 windows x86 arch:x86

f4e5a29e12cb470c5acaa40190cf75ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\qci_workspace\root-workspaces\__qci-pipeline-10989746-1\Basic\Output\BinFinal\QQPCMgr.pdb

Imports

common

?DelIdleCallback@Window@Util@@YAJPAVVTXMsgLoopIdleCallback@@@Z
?ClearDeadQueue@Misc@Util@@YAXXZ
?NotifyIdle@TXTimer@@YAXXZ

kernel32

InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetModuleHandleExW
FreeLibrary
LoadLibraryW
WideCharToMultiByte
QueryPerformanceCounter
ReadFile
LoadResource
LockResource
SizeofResource
FindResourceW
FindResourceExW
ReleaseMutex
GetCurrentThreadId
SwitchToThread
HeapSize
CreateEventW
InitializeCriticalSectionEx
UnhandledExceptionFilter
GetSystemDirectoryW
MoveFileW
MoveFileExW
lstrcmpiW
VirtualQuery
GetSystemTimeAsFileTime
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
OutputDebugStringW
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
SetDllDirectoryW
lstrlenW
DeleteCriticalSection
SetEvent
InitializeSListHead
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
OpenProcess
ProcessIdToSessionId
CreateProcessW
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
Sleep
SetLastError
GetLastError
IsDebuggerPresent
GetCommandLineW
CloseHandle
GetTempPathW
WriteFile
SetFilePointer
CreateFileW
GetProcessHeap

user32

PeekMessageW
RegisterWindowMessageW
SendMessageTimeoutW
TranslateMessage
DispatchMessageW
WaitMessage
GetMessageW
IsWindow
ShowWindow
IsZoomed
SetForegroundWindow
RedrawWindow

advapi32

StartServiceW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetTokenInformation
CreateWellKnownSid
CheckTokenMembership
OpenProcessToken

shell32

CommandLineToArgvW
ShellExecuteW
ord680

ole32

OleInitialize

shlwapi

PathCombineW
PathMakePrettyW
PathStripPathW
SHGetValueW
PathRemoveFileSpecW
PathGetArgsW
PathFileExistsW
PathAddBackslashW
StrStrIW
PathAppendW

msvcp140

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

imm32

ImmDisableIME

psapi

GetModuleBaseNameW
EnumProcessModules
EnumProcesses
GetModuleFileNameExW

vcruntime140

memmove
wcsrchr
__current_exception
__current_exception_context
_except_handler4_common
_CxxThrowException
__std_terminate
__CxxFrameHandler3
memset
wcsstr
__std_exception_copy
__std_exception_destroy
memcpy

api-ms-win-crt-string-l1-1-0

wcscpy_s
wcsncpy_s
wcsncmp
wcsnlen
wmemcpy_s
_wcsicmp
_wcsnicmp
_wcslwr

api-ms-win-crt-stdio-l1-1-0

__p__commode
__stdio_common_vsprintf
__stdio_common_vswprintf_s
_set_fmode
__stdio_common_vswprintf
__stdio_common_vsnwprintf_s

api-ms-win-crt-runtime-l1-1-0

__p___wargv
__p___argc
exit
_initterm
_invalid_parameter_noinfo_noreturn
_exit
_initterm_e
_c_exit
_get_wide_winmain_command_line
_initialize_wide_environment
_controlfp_s
_errno
_invalid_parameter_noinfo
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_configure_wide_argv
terminate
_seh_filter_exe
_set_app_type
_register_thread_local_exe_atexit_callback

api-ms-win-crt-convert-l1-1-0

_ultow_s
_wtoi

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh
_recalloc
_set_new_mode

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-math-l1-1-0

__setusermatherr

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4e5a29e12cb470c5acaa40190cf75ea

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

common

kernel32

user32

advapi32

shell32

ole32

shlwapi

msvcp140

imm32

psapi

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 1024B - Virtual size: 3KB

.rsrc Size: 28KB - Virtual size: 28KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 4KB - Virtual size: 3KB