eaa0193a943084fc56b5fce7b113e240N

Sharing

Copy URL Twitter E-mail

General

Target

eaa0193a943084fc56b5fce7b113e240N
Size

412KB
MD5

eaa0193a943084fc56b5fce7b113e240
SHA1

dcbae04f052d3856288f430db4e4119655e96933
SHA256

6ccdd447bc67313cd768d777db5caefff47dda5f44973e269af6cd7a9bf3b696
SHA512

02ac47d05f0f690f77c67c7f1147105339468d7c42a0758877c08e4ebc1b03f83474c80cfbe40e74be0e287079c43c4a036db8598fa4031efb491fa23248a4b0
SSDEEP

3072:w4QzsLwLOL49Vz2Msu+elpJdw4YbGEfnMd+CWr7GWi5GEC:w4gBOL4952MjhXdngM6r7GWqG7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eaa0193a943084fc56b5fce7b113e240N

Files

eaa0193a943084fc56b5fce7b113e240N
.exe windows:4 windows x86 arch:x86

c36da7b6d3330bf7f99de4cfe69f96f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

qtcore4

?toWCharArray@QString@@QBEHPAG@Z
?fromWCharArray@QString@@SA?AV1@PBGH@Z
??1QString@@QAE@XZ
?exit@QCoreApplication@@SAXH@Z
?free@QString@@CAXPAUData@1@@Z
??1QObject@@UAE@XZ
?connect@QObject@@SA_NPBV1@PBD01W4ConnectionType@Qt@@@Z
??0QObject@@QAE@PAV0@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?connectNotify@QObject@@MAEXPBD@Z
?disconnectNotify@QObject@@MAEXPBD@Z
?toLocal8Bit@QString@@QBE?AVQByteArray@@XZ
?detach@QByteArray@@QAEXXZ
?qWinMain@@YAXPAUHINSTANCE__@@0PADHAAHAAV?$QVector@PAD@@@Z
?reallocate@QVectorData@@SAPAU1@PAU1@HHH@Z
?qMemSet@@YAPAXPAXHI@Z
?allocate@QVectorData@@SAPAU1@HH@Z
?qBadAlloc@@YAXXZ
?staticMetaObject@QObject@@2UQMetaObject@@B
?qt_metacall@QObject@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QObject@@UAEPAXPBD@Z
?qUnregisterResourceData@@YA_NHPBE00@Z
?qRegisterResourceData@@YA_NHPBE00@Z
?arguments@QCoreApplication@@SA?AVQStringList@@XZ
?fromAscii_helper@QString@@CAPAUData@1@PBDH@Z
?toUInt@QString@@QBEIPA_NH@Z
?write@QIODevice@@QAE_JPBD_J@Z
?detach@QListData@@QAEPAUData@1@H@Z
??0QString@@QAE@ABV0@@Z
?qFree@@YAXPAX@Z
?free@QVectorData@@SAXPAU1@H@Z

qtgui4

?setVisible@QSystemTrayIcon@@QAEX_N@Z
?showMessage@QSystemTrayIcon@@QAEXABVQString@@0W4MessageIcon@1@H@Z
??1QIcon@@QAE@XZ
??0QSystemTrayIcon@@QAE@ABVQIcon@@PAVQObject@@@Z
??0QIcon@@QAE@ABVQString@@@Z
?metaObject@QSystemTrayIcon@@UBEPBUQMetaObject@@XZ
?qt_metacast@QSystemTrayIcon@@UAEPAXPBD@Z
?qt_metacall@QSystemTrayIcon@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?event@QSystemTrayIcon@@MAE_NPAVQEvent@@@Z
??1QSystemTrayIcon@@UAE@XZ
?information@QMessageBox@@SA?AW4StandardButton@1@PAVQWidget@@ABVQString@@1W421@2@Z
??1QApplication@@UAE@XZ
?exec@QApplication@@SAHXZ
??0QApplication@@QAE@AAHPAPADH@Z

qtnetwork4

??1QTcpSocket@@UAE@XZ
??1QHostAddress@@QAE@XZ
?connectToHost@QAbstractSocket@@QAEXABVQHostAddress@@GV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QHostAddress@@QAE@W4SpecialAddress@0@@Z
??0QTcpSocket@@QAE@PAVQObject@@@Z
?disconnectFromHost@QAbstractSocket@@QAEXXZ

comn

GetObjectLang

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
GetCommandLineW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
SetUnhandledExceptionFilter
Sleep

msvcr80

?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_except_handler4_common
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
memset
_CxxThrowException
??2@YAPAXI@Z
memcpy
__CxxFrameHandler3
_invoke_watson
_controlfp_s
__setusermatherr
??3@YAXPAX@Z

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 300KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c36da7b6d3330bf7f99de4cfe69f96f3

Headers

File Characteristics

Imports

qtcore4

qtgui4

qtnetwork4

comn

kernel32

msvcr80

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 300KB - Virtual size: 297KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 300KB - Virtual size: 297KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 76KB - Virtual size: 76KB