bfb468b746c854ef7d0df95eadd81fb0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

bfb468b746c854ef7d0df95eadd81fb0N.exe
Size

166KB
MD5

bfb468b746c854ef7d0df95eadd81fb0
SHA1

25b8f1dcbb0da2700b9f935635cc08dac014d9a8
SHA256

c7a800923cba05ad43c0b013cc511b8c8523385b70e5dd9d1d1c2364185d424d
SHA512

8e5f728b4af54f1b59714f75cb32c4d007c28d13d15d88197ef7211f4c3b0d3255d82af3b88c41876e160ad962762f25b0c6b97edaa5f1b2fde19cea1e65f493
SSDEEP

3072:EWYcdHIV5F8+xnbdicSMuPJw5XW3j+HCmrJsnJ/2e:TYcdmF7xZm19aHCmrJsnJ/2e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfb468b746c854ef7d0df95eadd81fb0N.exe

Files

bfb468b746c854ef7d0df95eadd81fb0N.exe
.dll windows:4 windows x64 arch:x64

2c0a4aea44de147113493563e3d2062d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_setjmp
_unlock
abort
calloc
free
fwrite
longjmp
memcpy
memmove
realloc
strcmp
strlen
strncmp
vfprintf

libstdc++-6

_ZSt18_Rb_tree_incrementPKSt18_Rb_tree_node_base
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZdaPv
_ZdlPv
_ZdlPvy
_Znay
_Znwy
__cxa_guard_acquire
__cxa_guard_release

libjpeg-9

jpeg_CreateCompress
jpeg_CreateDecompress
jpeg_calc_output_dimensions
jpeg_destroy_compress
jpeg_destroy_decompress
jpeg_finish_compress
jpeg_finish_decompress
jpeg_read_header
jpeg_read_scanlines
jpeg_resync_to_restart
jpeg_save_markers
jpeg_set_defaults
jpeg_set_quality
jpeg_simple_progression
jpeg_start_compress
jpeg_start_decompress
jpeg_std_error
jpeg_write_marker
jpeg_write_scanlines

qt6core

_ZN10QArrayData19reallocateUnalignedEPS_PvxxNS_16AllocationOptionE
_ZN10QArrayData8allocateEPPS_xxxNS_16AllocationOptionE
_ZN10QByteArray6_emptyE
_ZN10QByteArray6appendERKS_
_ZN10QByteArray6insertEx14QByteArrayView
_ZN10QByteArray6resizeEx
_ZN10QByteArray8truncateEx
_ZN10QByteArrayC1EPKcx
_ZN10QByteArrayC1ExN2Qt14InitializationE
_ZN10QByteArrayC1Exc
_ZN11QDataStream11readRawDataEPcx
_ZN11QDataStream12setByteOrderENS_9ByteOrderE
_ZN11QDataStreamC1EP10QByteArray6QFlagsIN13QIODeviceBase12OpenModeFlagEE
_ZN11QDataStreamD1Ev
_ZN11QDataStreamrsERi
_ZN11QDataStreamrsERs
_ZN15QtSharedPointer20ExternalRefCountData9getAndRefEPK7QObject
_ZN16QLoggingCategoryC1EPKc9QtMsgType
_ZN16QLoggingCategoryD1Ev
_ZN21QAbstractConcatenable14appendLatin1ToE13QLatin1StringP5QChar
_ZN7QBuffer16staticMetaObjectE
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject13connectNotifyERK11QMetaMethod
_ZN7QObject16disconnectNotifyERK11QMetaMethod
_ZN7QObject5eventEP6QEvent
_ZN7QString11reallocDataExN10QArrayData16AllocationOptionE
_ZN7QString13toUtf8_helperERKS_
_ZN7QString17simplified_helperERKS_
_ZN7QString6_emptyE
_ZN7QString6appendE13QLatin1String
_ZN7QString6resizeEx
_ZN7QString8fromUtf8E14QByteArrayView
_ZN7QStringC1EPK5QCharx
_ZN7QStringaSE13QLatin1String
_ZN7QStringaSERKS_
_ZN8QVariantC1E5QRect
_ZN8QVariantC1E5QSize
_ZN8QVariantC1ERK7QString
_ZN8QVariantC1ERKS_
_ZN8QVariantC1Eb
_ZN8QVariantC1Ei
_ZN8QVariantD1Ev
_ZN9QIODevice4peekEPcx
_ZN9QIODevice4readEPcx
_ZN9QIODevice5writeEPKcx
_ZNK11QDataStream6statusEv
_ZNK11QMetaObject4castEPK7QObject
_ZNK11QObjectData17dynamicMetaObjectEv
_ZNK14QMessageLogger7warningEPKcz
_ZNK5QRectanERKS_
_ZNK7QBuffer4dataEv
_ZNK7QString7indexOfE13QLatin1StringxN2Qt15CaseSensitivityE
_ZNK7QString7indexOfE5QCharxN2Qt15CaseSensitivityE
_ZNK8QVariant5toIntEPb
_ZNK8QVariant6toBoolEv
_ZNK8QVariant6toRectEv
_ZNK8QVariant6toSizeEv
_ZNK8QVariant8toStringEv
_ZNK9QIODevice10isReadableEv
_ZNK9QIODevice10isWritableEv
_ZNK9QIODevice6isOpenEv
_ZNKR10QByteArray3midExx
_ZNKR7QString3midExx
qt_cpu_features
qt_version_tag_6_7

qt6gui

_Z15qt_getImageTextRK6QImageRK7QString
_Z17qt_imageTransformR6QImage6QFlagsIN15QImageIOHandler14TransformationEE
_Z26qt_convert_rgb888_to_rgb32PjPKhi
_Z32qt_convert_rgb888_to_rgb32_ssse3PjPKhi
_ZN11QColorSpace14fromIccProfileERK10QByteArray
_ZN11QColorSpaceD1Ev
_ZN12QPaintDeviceC2Ev
_ZN14QImageIOPlugin11qt_metacallEN11QMetaObject4CallEiPPv
_ZN14QImageIOPlugin11qt_metacastEPKc
_ZN14QImageIOPlugin16staticMetaObjectE
_ZN14QImageIOPluginC2EP7QObject
_ZN14QImageIOPluginD2Ev
_ZN15QImageIOHandler11jumpToImageEi
_ZN15QImageIOHandler13allocateImageE5QSizeN6QImage6FormatEPS1_
_ZN15QImageIOHandler15jumpToNextImageEv
_ZN15QImageIOHandler9setDeviceEP9QIODevice
_ZN15QImageIOHandler9setFormatERK10QByteArray
_ZN15QImageIOHandlerC2Ev
_ZN15QImageIOHandlerD2Ev
_ZN6QImage13setColorSpaceERK11QColorSpace
_ZN6QImage16setDotsPerMeterXEi
_ZN6QImage16setDotsPerMeterYEi
_ZN6QImage23convertToFormat_inplaceENS_6FormatE6QFlagsIN2Qt19ImageConversionFlagEE
_ZN6QImage7setTextERK7QStringS2_
_ZN6QImage8scanLineEi
_ZN6QImageC1ERKS_
_ZN6QImageD1Ev
_ZNK11QColorSpace10iccProfileEv
_ZNK15QImageIOHandler10imageCountEv
_ZNK15QImageIOHandler14nextImageDelayEv
_ZNK15QImageIOHandler16currentImageRectEv
_ZNK15QImageIOHandler18currentImageNumberEv
_ZNK15QImageIOHandler6deviceEv
_ZNK15QImageIOHandler9loopCountEv
_ZNK15QImageIOHandler9setFormatERK10QByteArray
_ZNK6QImage10colorCountEv
_ZNK6QImage10colorSpaceEv
_ZNK6QImage10colorTableEv
_ZNK6QImage13constScanLineEi
_ZNK6QImage13dotsPerMeterXEv
_ZNK6QImage13dotsPerMeterYEv
_ZNK6QImage22convertToFormat_helperENS_6FormatE6QFlagsIN2Qt19ImageConversionFlagEE
_ZNK6QImage4copyERK5QRect
_ZNK6QImage5widthEv
_ZNK6QImage6formatEv
_ZNK6QImage6heightEv
_ZNK6QImage6isNullEv
_ZNK6QImage6scaledERK5QSizeN2Qt15AspectRatioModeENS3_18TransformationModeE
_ZTV6QImage

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata_v2

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/16
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 336B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 117B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/27
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/42
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/54
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/68
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/93
Size: 1024B - Virtual size: 589B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/104
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/120
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/136
Size: 512B - Virtual size: 406B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c0a4aea44de147113493563e3d2062d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

libstdc++-6

libjpeg-9

qt6core

qt6gui

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.data Size: 512B - Virtual size: 256B

.rdata Size: 3KB - Virtual size: 2KB

/4 Size: 512B - Virtual size: 160B

/16 Size: 512B - Virtual size: 16B

.pdata Size: 1024B - Virtual size: 1008B

.xdata Size: 1024B - Virtual size: 820B

.bss Size: - Virtual size: 336B

.edata Size: 512B - Virtual size: 117B

.idata Size: 9KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 512B - Virtual size: 216B

/27 Size: 1024B - Virtual size: 816B

/42 Size: 32KB - Virtual size: 32KB

/54 Size: 6KB - Virtual size: 5KB

/68 Size: 6KB - Virtual size: 5KB

/80 Size: 3KB - Virtual size: 2KB

/93 Size: 1024B - Virtual size: 589B

/104 Size: 8KB - Virtual size: 7KB

/120 Size: 4KB - Virtual size: 4KB

/136 Size: 512B - Virtual size: 406B

.text
Size: 24KB - Virtual size: 23KB

.data
Size: 512B - Virtual size: 256B

.rdata
Size: 3KB - Virtual size: 2KB

/4
Size: 512B - Virtual size: 160B

/16
Size: 512B - Virtual size: 16B

.pdata
Size: 1024B - Virtual size: 1008B

.xdata
Size: 1024B - Virtual size: 820B

.bss
Size: - Virtual size: 336B

.edata
Size: 512B - Virtual size: 117B

.idata
Size: 9KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 512B - Virtual size: 216B

/27
Size: 1024B - Virtual size: 816B

/42
Size: 32KB - Virtual size: 32KB

/54
Size: 6KB - Virtual size: 5KB

/68
Size: 6KB - Virtual size: 5KB

/80
Size: 3KB - Virtual size: 2KB

/93
Size: 1024B - Virtual size: 589B

/104
Size: 8KB - Virtual size: 7KB

/120
Size: 4KB - Virtual size: 4KB

/136
Size: 512B - Virtual size: 406B