74c4a0cdb947563b7084d01e1c2c5930N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

74c4a0cdb947563b7084d01e1c2c5930N.exe
Size

21KB
MD5

74c4a0cdb947563b7084d01e1c2c5930
SHA1

4175eedb88f64a89685acb3224a13fe943baff70
SHA256

3ef965f42b4f4d2ca393915d96173327c38d742debf7fa534e29500bbddbe482
SHA512

e4c319fc8b317554d7c62431cb4a5e5f0f1881e1e638babb5709585beff79a6029a034a035868f9a19d9f2e83dfce1f6554a10786eee62aac254f22921d2dfbf
SSDEEP

384:GRM/eW6cSFi3gMxAGrCtLcz2+5t2dLLs/oCvOjzSNSw:GM/ZSFi/AMCtIz2+5tOOrvOfSNSw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74c4a0cdb947563b7084d01e1c2c5930N.exe

Files

74c4a0cdb947563b7084d01e1c2c5930N.exe
.exe windows:5 windows x86 arch:x86

241c295850b23308217bad8e87aa33d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

qtdeclarative4

?rootContext@QDeclarativeEngine@@QBEPAVQDeclarativeContext@@XZ
?setContextObject@QDeclarativeContext@@QAEXPAVQObject@@@Z
?setSource@QDeclarativeView@@QAEXABVQUrl@@@Z
??1QDeclarativeView@@UAE@XZ
?engine@QDeclarativeView@@QBEPAVQDeclarativeEngine@@XZ
??0QDeclarativeView@@QAE@PAVQWidget@@@Z
?qmlregister@QDeclarativePrivate@@YAHW4RegistrationType@1@PAX@Z

qtgui4

?show@QWidget@@QAEXXZ
?setGeometry@QWidget@@QAEXABVQRect@@@Z
??0QApplication@@QAE@AAHPAPADH@Z
??1QApplication@@UAE@XZ
?exec@QApplication@@SAHXZ

qtcore4

?staticMetaObject@QObject@@2UQMetaObject@@B
?qt_metacall@QObject@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?activate@QMetaObject@@SAXPAVQObject@@PBU1@HPAPAX@Z
?qt_metacast@QObject@@UAEPAXPBD@Z
?setObjectName@QObject@@QAEXABVQString@@@Z
?currentTime@QTime@@SA?AV1@XZ
??0QTime@@QAE@HHHH@Z
?secsTo@QTime@@QBEHABV1@@Z
?singleShot@QTimer@@SAXHPAVQObject@@PBD@Z
?append@QListData@@QAEPAPAXXZ
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?detach@QListData@@QAEPAUData@1@H@Z
?shared_null@QListData@@2UData@1@A
??1QObject@@UAE@XZ
?disconnectNotify@QObject@@MAEXPBD@Z
?connectNotify@QObject@@MAEXPBD@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
??0QObject@@QAE@PAV0@@Z
?fromAscii_helper@QString@@CAPAUData@1@PBDH@Z
??0QUrl@@QAE@ABVQString@@@Z
??1QUrl@@QAE@XZ
?connect@QObject@@SA_NPBV1@PBD01W4ConnectionType@Qt@@@Z
??1QString@@QAE@XZ
?shared_null@QString@@0UData@1@A
?registerType@QMetaType@@SAHPBDP6AXPAX@ZP6APAXPBX@Z@Z
?free@QString@@CAXPAUData@1@@Z
??0QByteArray@@QAE@PBD@Z
?append@QByteArray@@QAEAAV1@ABV1@@Z
?append@QByteArray@@QAEAAV1@D@Z
?append@QByteArray@@QAEAAV1@PBD@Z
?qFree@@YAXPAX@Z
??1QByteArray@@QAE@XZ
?fromWCharArray@QString@@SA?AV1@PBGH@Z
?toLocal8Bit@QString@@QBE?AVQByteArray@@XZ
?detach@QByteArray@@QAEXXZ
?qWinMain@@YAXPAUHINSTANCE__@@0PADHAAHAAV?$QVector@PAD@@@Z
?reallocate@QVectorData@@SAPAU1@PAU1@HHH@Z
?qMemSet@@YAPAXPAXHI@Z
?allocate@QVectorData@@SAPAU1@HH@Z
?qBadAlloc@@YAXXZ
?free@QVectorData@@SAXPAU1@H@Z

msvcr90

_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
srand
rand
_CxxThrowException
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler3

kernel32

GetCommandLineW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ropf
Size: 512B - Virtual size: 117B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

241c295850b23308217bad8e87aa33d1

Headers

DLL Characteristics

File Characteristics

Imports

qtdeclarative4

qtgui4

qtcore4

msvcr90

kernel32

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 960B

.ropf Size: 512B - Virtual size: 117B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 960B

.ropf
Size: 512B - Virtual size: 117B