301376cbeac16279524f7ea6dc0c2da8b64efbbf785bf146502f34f3e3d2f492N

Sharing

Copy URL Twitter E-mail

General

Target

301376cbeac16279524f7ea6dc0c2da8b64efbbf785bf146502f34f3e3d2f492N
Size

109KB
MD5

0dae3fa08d0391d70782c6f867b86ac0
SHA1

7623a1a106f28d7d5697f6151eacf4f0beeb5434
SHA256

301376cbeac16279524f7ea6dc0c2da8b64efbbf785bf146502f34f3e3d2f492
SHA512

b13bb342d4dac8d79d3c7a8e54505ed6a44466705b91bb75ac9bd0ac91b06548b38eb2b950b4e0b4c6ab2d1917f0580def50b13c65e43ed92d04b48298970080
SSDEEP

1536:JrZnL4Z6CsvfCtMivAvpDlt563ouKGXLhznwK3B1A:t1D7fCeivAvDtUvFB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
301376cbeac16279524f7ea6dc0c2da8b64efbbf785bf146502f34f3e3d2f492N

Files

301376cbeac16279524f7ea6dc0c2da8b64efbbf785bf146502f34f3e3d2f492N
.dll windows:6 windows x64 arch:x64

be0858c41110636e4068ac95f6b16d73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Imports

libkritaui

_ZN11KisDocument15createUndoStoreEv
_ZN11KisDocument15setCurrentImageE12KisSharedPtrI8KisImageEbS0_I7KisNodeE
_ZN11KisDocument16setFileBatchModeEb
_ZN11KisDocument27setInfiniteAutoSaveIntervalEv
_ZN11KisDocument8openPathERK7QString6QFlagsINS_8OpenFlagEE
_ZN21KisImportExportFilter11qt_metacallEN11QMetaObject4CallEiPPv
_ZN21KisImportExportFilter11qt_metacastEPKc
_ZN21KisImportExportFilter12exportChecksEv
_ZN21KisImportExportFilter16staticMetaObjectE
_ZN21KisImportExportFilter22initializeCapabilitiesEv
_ZN21KisImportExportFilterC2EP7QObject
_ZN21KisImportExportFilterD2Ev
_ZN24KisImportExportErrorCodeC1EN17ImportExportCodes11ErrorCodeIDE
_ZN7KisPart8instanceEv
_ZNK11KisDocument5imageEv
_ZNK21KisImportExportFilter20defaultConfigurationERK10QByteArrayS2_
_ZNK21KisImportExportFilter25createConfigurationWidgetEP7QWidgetRK10QByteArrayS4_
_ZNK21KisImportExportFilter6verifyERK7QString
_ZNK21KisImportExportFilter8filenameEv
_ZNK21KisImportExportFilter9batchModeEv
_ZNK24KisImportExportErrorCode4isOkEv
_ZNK7KisPart14createDocumentEv
_ZNK7KisPart17currentMainwindowEv

libkritaimage

_ZN11KisBaseNode15enableAnimationEv
_ZN11KisBaseNode16setCompositeOpIdERK7QString
_ZN11KisBaseNode18getKeyframeChannelERK7QStringb
_ZN13KisNodeFacade7addNodeE12KisSharedPtrI7KisNodeES2_
_ZN13KisPaintLayerC1E16KisWeakSharedPtrI8KisImageERK7QStringhPK12KoColorSpace
_ZN18KisKeyframeChannel11addKeyframeEiP13KUndo2Command
_ZN18KisKeyframeChannel6RasterE
_ZN24KisRasterKeyframeChannel11importFrameEi12KisSharedPtrI14KisPaintDeviceEP13KUndo2Command
_ZN24KisRasterKeyframeChannel16staticMetaObjectE
_ZN26KisImageAnimationInterface12setFramerateEi
_ZN26KisImageAnimationInterface16setDocumentRangeE11KisTimeSpan
_ZN8KisImage11barrierLockEb
_ZN8KisImage13setResolutionEdd
_ZN8KisImage6unlockEv
_ZN8KisImageC1EP12KisUndoStoreiiPK12KoColorSpaceRK7QString
_ZNK13KisNodeFacade4rootEv
_ZNK8KisImage10colorSpaceEv
_ZNK8KisImage10projectionEv
_ZNK8KisImage13nextLayerNameERK7QString
_ZNK8KisImage18animationInterfaceEv

libkritapigment

Integer8BitsColorDepthID
RGBAColorModelID
_ZN20KoColorSpaceRegistry10colorSpaceERK7QStringS2_PK14KoColorProfile
_ZN20KoColorSpaceRegistry8instanceEv

libkf5coreaddons

_ZN14KPluginFactory11qt_metacallEN11QMetaObject4CallEiPPv
_ZN14KPluginFactory11qt_metacastEPKc
_ZN14KPluginFactory12createObjectEP7QObjectPKcRK11QStringList
_ZN14KPluginFactory14registerPluginERK7QStringPK11QMetaObjectPFP7QObjectP7QWidgetS7_RK5QListI8QVariantEE
_ZN14KPluginFactory16createPartObjectEP7QWidgetP7QObjectPKcRK11QStringList
_ZN14KPluginFactory16staticMetaObjectE
_ZN14KPluginFactory6createEPKcP7QWidgetP7QObjectRK5QListI8QVariantERK7QString
_ZN14KPluginFactoryC2Ev
_ZN14KPluginFactoryD2Ev

libkritaglobal

_Z12kisBacktracev
_Z6_41000v
_Z6_41008v
_ZN28KisCursorOverrideLockAdapter4lockEv
_ZN28KisCursorOverrideLockAdapter6unlockEv
_ZN28KisCursorOverrideLockAdapterC2ERK7QCursor
_ZN28KisCursorOverrideLockAdapterD2Ev
_ZNK4KoID2idEv

qt5widgets

_ZN10QStatusBar12clearMessageEv
_ZNK11QMainWindow9statusBarEv

qt5gui

_ZN7QCursorC1EN2Qt11CursorShapeE
_ZN7QCursorD1Ev

qt5core

_Z9qBadAllocv
_ZN10QArrayData10deallocateEPS_yy
_ZN10QArrayData11shared_nullE
_ZN10QArrayData8allocateEyyy6QFlagsINS_16AllocationOptionEE
_ZN10QByteArray11reallocDataEj6QFlagsIN10QArrayData16AllocationOptionEE
_ZN10QByteArrayC1EPKci
_ZN11QTextStreamlsERK7QString
_ZN11QTextStreamlsEc
_ZN11QTextStreamlsEx
_ZN15QtSharedPointer20ExternalRefCountData9getAndRefEPK7QObject
_ZN16QCoreApplication13processEventsE6QFlagsIN10QEventLoop17ProcessEventsFlagEE
_ZN5QChar8categoryEj
_ZN6QDebug9putStringEPK5QChary
_ZN6QDebugD1Ev
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QObject11qt_metacastEPKc
_ZN7QObject13connectNotifyERK11QMetaMethod
_ZN7QObject16disconnectNotifyERK11QMetaMethod
_ZN7QObject16staticMetaObjectE
_ZN7QObject5eventEP6QEvent
_ZN7QObjectC2EPS_
_ZN7QObjectD2Ev
_ZN7QRegExpC1ERK7QStringN2Qt15CaseSensitivityENS_13PatternSyntaxE
_ZN7QRegExpD1Ev
_ZN7QString11reallocDataEjb
_ZN7QString14compare_helperEPK5QChariPKciN2Qt15CaseSensitivityE
_ZN7QString14toUpper_helperERS_
_ZN7QString15fromUtf8_helperEPKci
_ZN7QString16fromAscii_helperEPKci
_ZN7QString6appendERKS_
_ZN7QString7replaceERKS_S1_N2Qt15CaseSensitivityE
_ZN7QStringaSERKS_
_ZN9QFileInfoC1ERK7QString
_ZN9QFileInfoD1Ev
_ZN9QIODevice8readLineEx
_ZNK11QMetaObject4castEP7QObject
_ZNK11QObjectData17dynamicMetaObjectEv
_ZNK14QMessageLogger5debugEv
_ZNK14QMessageLogger7warningEv
_ZNK7QString11lastIndexOfERK7QRegExpi
_ZNK7QString11lastIndexOfERKS_iN2Qt15CaseSensitivityE
_ZNK7QString3midEii
_ZNK7QString4leftEi
_ZNK7QString5rightEi
_ZNK7QString5toIntEPbi
_ZNK7QString7toFloatEPb
_ZNK9QFileInfo5isDirEv
_ZeqRK7QStringS1_

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

libc++

_ZSt9terminatev
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZdlPv
_Znwy
__cxa_begin_catch
__cxa_end_catch
__cxa_guard_acquire
__cxa_guard_release
__cxa_rethrow
__gxx_personality_seh0

libunwind

_Unwind_Resume

api-ms-win-crt-private-l1-1-0

memcpy

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
abort

api-ms-win-crt-string-l1-1-0

strcmp
strlen
strncmp

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
fwrite

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
free

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_tzset

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/5535
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be0858c41110636e4068ac95f6b16d73

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libkritaui

libkritaimage

libkritapigment

libkf5coreaddons

libkritaglobal

qt5widgets

qt5gui

qt5core

kernel32

libc++

libunwind

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 17KB - Virtual size: 17KB

.buildid Size: 512B - Virtual size: 53B

.data Size: 512B - Virtual size: 2KB

.pdata Size: 1024B - Virtual size: 708B

.qtmetad Size: 512B - Virtual size: 240B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 292B

/5535 Size: 512B - Virtual size: 32B

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 17KB - Virtual size: 17KB

.buildid
Size: 512B - Virtual size: 53B

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 708B

.qtmetad
Size: 512B - Virtual size: 240B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 292B

/5535
Size: 512B - Virtual size: 32B