074a80f8872789d61792050ca56c5ec0N

Sharing

Copy URL Twitter E-mail

General

Target

074a80f8872789d61792050ca56c5ec0N
Size

25KB
MD5

074a80f8872789d61792050ca56c5ec0
SHA1

aedfddecd89b31621a6129724ac855c1a7292b67
SHA256

f832148dc909ce7ca1ebd517e3279280f24e8bc7b83ecdd43f745b57440ae6ea
SHA512

2aefff70c6fde15644f99544135a194c28107cbe96ff4a09e9f05e4a39d27e940defbd01bf6906347671eae3bf5673f588909c8f841fc4fd0b3d39affb762b14
SSDEEP

384:8xj5FOR3QMwRgcJZCrrtNr70lnnl0aIwERuoA/xtlerhKX2UyV:8DvC3bel0aIhrIrlJX2UyV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
074a80f8872789d61792050ca56c5ec0N

Files

074a80f8872789d61792050ca56c5ec0N
.dll windows:6 windows x64 arch:x64

c9776fcbc24ff60bbeec88ea4a95652f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\qt\work\qt\qtgamepad\plugins\gamepads\xinputgamepad.pdb

Imports

qt5gamepad

?qt_metacall@QGamepadBackend@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QGamepadBackend@@UEAAPEAXPEBD@Z
?staticMetaObject@QGamepadBackend@@2UQMetaObject@@B
??1QGamepadBackendPlugin@@UEAA@XZ
??0QGamepadBackendPlugin@@QEAA@PEAVQObject@@@Z
?qt_metacall@QGamepadBackendPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QGamepadBackendPlugin@@UEAAPEAXPEBD@Z
?staticMetaObject@QGamepadBackendPlugin@@2UQMetaObject@@B
?setSettingsFile@QGamepadBackend@@UEAAXAEBVQString@@@Z
?setCancelConfigureButton@QGamepadBackend@@UEAA_NHW4GamepadButton@QGamepadManager@@@Z
??0QGamepadBackend@@QEAA@PEAVQObject@@@Z
?resetConfiguration@QGamepadBackend@@UEAAXH@Z
?readSettings@QGamepadBackend@@UEAA?AVQVariant@@H@Z
?isConfigurationNeeded@QGamepadBackend@@UEAA_NH@Z
?configureButton@QGamepadBackend@@UEAA_NHW4GamepadButton@QGamepadManager@@@Z
?configureAxis@QGamepadBackend@@UEAA_NHW4GamepadAxis@QGamepadManager@@@Z
??1QGamepadBackend@@UEAA@XZ
?gamepadButtonReleased@QGamepadBackend@@QEAAXHW4GamepadButton@QGamepadManager@@@Z
?gamepadButtonPressed@QGamepadBackend@@QEAAXHW4GamepadButton@QGamepadManager@@N@Z
?gamepadAxisMoved@QGamepadBackend@@QEAAXHW4GamepadAxis@QGamepadManager@@N@Z
?gamepadRemoved@QGamepadBackend@@QEAAXH@Z
?gamepadAdded@QGamepadBackend@@QEAAXH@Z
?saveSettings@QGamepadBackend@@UEAAXHAEBVQVariant@@@Z

qt5core

?debug@QMessageLogger@@QEBA?AVQDebug@@XZ
??1QByteArray@@QEAA@XZ
?constData@QByteArray@@QEBAPEBDXZ
??1QString@@QEAA@XZ
?debug@QMessageLogger@@QEBAXPEBDZZ
??0QLibrary@@QEAA@PEAVQObject@@@Z
??1QLibrary@@UEAA@XZ
?resolve@QLibrary@@QEAAP6AXXZPEBD@Z
?load@QLibrary@@QEAA_NXZ
?isLoaded@QLibrary@@QEBA_NXZ
?setFileName@QLibrary@@QEAAXAEBVQString@@@Z
?fileName@QLibrary@@QEBA?AVQString@@XZ
??1QDebug@@QEAA@XZ
??6QDebug@@QEAAAEAV0@PEBD@Z
??0QLoggingCategory@@QEAA@PEBD@Z
??1QLoggingCategory@@QEAA@XZ
?isDebugEnabled@QLoggingCategory@@QEBA_NXZ
??0QThread@@QEAA@PEAVQObject@@@Z
??1QThread@@UEAA@XZ
?start@QThread@@QEAAXW4Priority@1@@Z
?wait@QThread@@QEAA_NK@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?event@QThread@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?metaObject@QThread@@UEBAPEBUQMetaObject@@XZ
?qt_metacall@QThread@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QThread@@UEAAPEAXPEBD@Z
??0QMessageLogger@@QEAA@PEBDH00@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
??0QMessageLogger@@QEAA@PEBDH0@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?toLocal8Bit@QString@@QEHAA?AVQByteArray@@XZ
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
Sleep
EnterCriticalSection
LeaveCriticalSection
CloseHandle

vcruntime140

memset
__C_specific_handler
__vcrt_InitializeCriticalSectionEx
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-math-l1-1-0

sqrt

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_initialize_narrow_environment
_crt_atexit
_cexit
_execute_onexit_table
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9776fcbc24ff60bbeec88ea4a95652f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

qt5gamepad

qt5core

kernel32

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 1024B - Virtual size: 888B

.qtmetad Size: 512B - Virtual size: 128B

.rsrc Size: 1024B - Virtual size: 848B

.reloc Size: 512B - Virtual size: 208B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 888B

.qtmetad
Size: 512B - Virtual size: 128B

.rsrc
Size: 1024B - Virtual size: 848B

.reloc
Size: 512B - Virtual size: 208B