6f2291bc76d9eac716f3d0f3544ccd9ee3fe394e47245e80f5963cee297666cdN

Sharing

Copy URL Twitter E-mail

General

Target

6f2291bc76d9eac716f3d0f3544ccd9ee3fe394e47245e80f5963cee297666cdN
Size

48KB
MD5

8e6724923a3f716258049202f5628220
SHA1

040bfdf95e6fc2a18e8e5f98aa9cca0f21e01aa9
SHA256

6f2291bc76d9eac716f3d0f3544ccd9ee3fe394e47245e80f5963cee297666cd
SHA512

3441b109b0c4497e812130533e6a9ef4ad919b404c274621a989348ade6955985dee1bf525deb9c0b8fd60aee8e10e3e97262e4e7345e8e555135df2a1379985
SSDEEP

384:Ld+iPa8Yv1f/bJrIcu/g9RX0ahA3yhOfgbW/x4MejYbvCPalWweU5IfvCifklM6:RYvB9rS5iPsn/ISifklM6CaDZJlW0R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f2291bc76d9eac716f3d0f3544ccd9ee3fe394e47245e80f5963cee297666cdN

Files

6f2291bc76d9eac716f3d0f3544ccd9ee3fe394e47245e80f5963cee297666cdN
.dll windows:6 windows x64 arch:x64

45ff9fa9759ce2a3207977a264a991c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\Users\qt\work\qt\qtgraphicaleffects\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.pdb

Imports

qt5quick

?qt_metacall@QQuickItem@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QQuickItem@@UEAAPEAXPEBD@Z
?staticMetaObject@QQuickItem@@2UQMetaObject@@B
?staticMetaObject@QQuickImage@@2UQMetaObject@@B
?staticMetaObject@QQuickShaderEffectSource@@2UQMetaObject@@B
?updatePolish@QQuickItem@@MEAAXXZ
?updatePaintNode@QQuickShaderEffectSource@@MEAAPEAVQSGNode@@PEAV2@PEAUUpdatePaintNodeData@QQuickItem@@@Z
?textureProvider@QQuickShaderEffectSource@@UEBAPEAVQSGTextureProvider@@XZ
?releaseResources@QQuickShaderEffectSource@@MEAAXXZ
?qt_metacast@QQuickShaderEffectSource@@UEAAPEAXPEBD@Z
?qt_metacall@QQuickShaderEffectSource@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?metaObject@QQuickShaderEffectSource@@UEBAPEBUQMetaObject@@XZ
?itemGeometryChanged@QQuickShaderEffectSource@@MEAAXPEAVQQuickItem@@VQQuickGeometryChange@@AEBVQRectF@@@Z
?itemChange@QQuickShaderEffectSource@@MEAAXW4ItemChange@QQuickItem@@AEBTItemChangeData@3@@Z
?isTextureProvider@QQuickShaderEffectSource@@UEBA_NXZ
?boundingRect@QQuickItem@@UEBA?AVQRectF@@XZ
?get@QQuickItemPrivate@@SAPEAV1@PEAVQQuickItem@@@Z
?setSourceRect@QQuickShaderEffectSource@@QEAAXAEBVQRectF@@@Z
?sourceRect@QQuickShaderEffectSource@@QEBA?AVQRectF@@XZ
?setSourceItem@QQuickShaderEffectSource@@QEAAXPEAVQQuickItem@@@Z
?sourceItem@QQuickShaderEffectSource@@QEBAPEAVQQuickItem@@XZ
??1QQuickShaderEffectSource@@UEAA@XZ
??0QQuickShaderEffectSource@@QEAA@PEAVQQuickItem@@@Z
?polish@QQuickItem@@QEAAXXZ
?setSmooth@QQuickItem@@QEAAX_N@Z
?smooth@QQuickItem@@QEBA_NXZ
?childItems@QQuickItem@@QEBA?AV?$QList@PEAVQQuickItem@@@@XZ
??1QQuickItem@@UEAA@XZ
??0QQuickItem@@QEAA@PEAV0@@Z
?windowDeactivateEvent@QQuickItem@@MEAAXXZ
?wheelEvent@QQuickItem@@MEAAXPEAVQWheelEvent@@@Z
?updatePaintNode@QQuickItem@@MEAAPEAVQSGNode@@PEAV2@PEAUUpdatePaintNodeData@1@@Z
?touchUngrabEvent@QQuickItem@@MEAAXXZ
?touchEvent@QQuickItem@@MEAAXPEAVQTouchEvent@@@Z
?textureProvider@QQuickItem@@UEBAPEAVQSGTextureProvider@@XZ
?releaseResources@QQuickItem@@MEAAXXZ
?mouseUngrabEvent@QQuickItem@@MEAAXXZ
?mouseReleaseEvent@QQuickItem@@MEAAXPEAVQMouseEvent@@@Z
?mousePressEvent@QQuickItem@@MEAAXPEAVQMouseEvent@@@Z
?mouseMoveEvent@QQuickItem@@MEAAXPEAVQMouseEvent@@@Z
?mouseDoubleClickEvent@QQuickItem@@MEAAXPEAVQMouseEvent@@@Z
?keyReleaseEvent@QQuickItem@@MEAAXPEAVQKeyEvent@@@Z
?keyPressEvent@QQuickItem@@MEAAXPEAVQKeyEvent@@@Z
?itemChange@QQuickItem@@MEAAXW4ItemChange@1@AEBTItemChangeData@1@@Z
?isTextureProvider@QQuickItem@@UEBA_NXZ
?inputMethodQuery@QQuickItem@@UEBA?AVQVariant@@W4InputMethodQuery@Qt@@@Z
?inputMethodEvent@QQuickItem@@MEAAXPEAVQInputMethodEvent@@@Z
?hoverMoveEvent@QQuickItem@@MEAAXPEAVQHoverEvent@@@Z
?hoverLeaveEvent@QQuickItem@@MEAAXPEAVQHoverEvent@@@Z
?hoverEnterEvent@QQuickItem@@MEAAXPEAVQHoverEvent@@@Z
?geometryChanged@QQuickItem@@MEAAXAEBVQRectF@@0@Z
?focusOutEvent@QQuickItem@@MEAAXPEAVQFocusEvent@@@Z
?focusInEvent@QQuickItem@@MEAAXPEAVQFocusEvent@@@Z
?event@QQuickItem@@MEAA_NPEAVQEvent@@@Z
?dropEvent@QQuickItem@@MEAAXPEAVQDropEvent@@@Z
?dragMoveEvent@QQuickItem@@MEAAXPEAVQDragMoveEvent@@@Z
?dragLeaveEvent@QQuickItem@@MEAAXPEAVQDragLeaveEvent@@@Z
?dragEnterEvent@QQuickItem@@MEAAXPEAVQDragEnterEvent@@@Z
?contains@QQuickItem@@UEBA_NAEBVQPointF@@@Z
?componentComplete@QQuickItem@@MEAAXXZ
?clipRect@QQuickItem@@UEBA?AVQRectF@@XZ
?classBegin@QQuickItem@@MEAAXXZ
?childMouseEventFilter@QQuickItem@@MEAA_NPEAV1@PEAVQEvent@@@Z
?fillMode@QQuickImage@@QEBA?AW4FillMode@1@XZ

qt5gui

?isOpenGLES@QOpenGLContext@@QEBA_NXZ
?majorVersion@QSurfaceFormat@@QEBAHXZ
??0QOffscreenSurface@@QEAA@PEAVQScreen@@@Z
??1QOffscreenSurface@@UEAA@XZ
?create@QOffscreenSurface@@QEAAXXZ
?setFormat@QOffscreenSurface@@QEAAXAEBVQSurfaceFormat@@@Z
??0QOpenGLContext@@QEAA@PEAVQObject@@@Z
??1QOpenGLContext@@UEAA@XZ
?create@QOpenGLContext@@QEAA_NXZ
?format@QOpenGLContext@@QEBA?AVQSurfaceFormat@@XZ
?makeCurrent@QOpenGLContext@@QEAA_NPEAVQSurface@@@Z
?doneCurrent@QOpenGLContext@@QEAAXXZ
?surface@QOpenGLContext@@QEBAPEAVQSurface@@XZ
?currentContext@QOpenGLContext@@SAPEAV1@XZ
?glGetIntegerv@QOpenGLFunctions@@QEAAXIPEAH@Z
??1QSurfaceFormat@@QEAA@XZ
?functions@QOpenGLContext@@QEBAPEAVQOpenGLFunctions@@XZ

qt5qml

?toBool@QJSValue@@QEBA_NXZ
?staticMetaObject@QQmlExtensionPlugin@@2UQMetaObject@@B
?qt_metacast@QQmlExtensionPlugin@@UEAAPEAXPEBD@Z
?qt_metacall@QQmlExtensionPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
??0QQmlExtensionPlugin@@QEAA@PEAVQObject@@@Z
??1QQmlExtensionPlugin@@UEAA@XZ
??0QJSValue@@QEAA@AEBV0@@Z
??0QJSValue@@QEAA@W4SpecialValue@0@@Z
?property@QJSValue@@QEBA?AV1@AEBVQString@@@Z
?qdeclarativeelement_destructor@QQmlPrivate@@YAXPEAVQObject@@@Z
?toNumber@QJSValue@@QEBANXZ
??1QJSValue@@QEAA@XZ
?initializeEngine@QQmlExtensionPlugin@@UEAAXPEAVQQmlEngine@@PEBD@Z
?qmlregister@QQmlPrivate@@YAHW4RegistrationType@1@PEAX@Z

qt5core

?qt_metacall@QObject@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QObject@@UEAAPEAXPEBD@Z
?activate@QMetaObject@@SAXPEAVQObject@@PEBU1@HPEAPEAX@Z
?normalizedType@QMetaObject@@SA?AVQByteArray@@PEBD@Z
?staticMetaObject@QObject@@2UQMetaObject@@B
?convert@QVariant@@QEBA_NHPEAX@Z
?constData@QVariant@@QEBAPEBXXZ
?toBool@QVariant@@QEBA_NXZ
?userType@QVariant@@QEBAHXZ
??0QVariant@@QEAA@AEBVQRectF@@@Z
??0QVariant@@QEAA@_N@Z
?property@QObject@@QEBA?AVQVariant@@PEBD@Z
?setProperty@QObject@@QEAA_NPEBDAEBVQVariant@@@Z
?typeFlags@QMetaType@@SA?AV?$QFlags@W4TypeFlag@QMetaType@@@@H@Z
?cast@QMetaObject@@QEBAPEAVQObject@@PEAV2@@Z
?dispose@QListData@@SAXPEAUData@1@@Z
?shared_null@QMapDataBase@@2U1@B
??6QDebug@@QEAAAEAV0@PEBD@Z
??1QDebug@@QEAA@XZ
??4QVariant@@QEAAAEAV0@$$QEAV0@@Z
??4QVariant@@QEAAAEAV0@AEBV0@@Z
??0QVariant@@QEAA@AEBVQByteArray@@@Z
??0QVariant@@QEAA@PEBD@Z
??0QVariant@@QEAA@AEBV0@@Z
??1QVariant@@QEAA@XZ
??0QVariant@@QEAA@XZ
?freeData@QMapDataBase@@SAXPEAU1@@Z
?createData@QMapDataBase@@SAPEAU1@XZ
?freeTree@QMapDataBase@@QEAAXPEAUQMapNodeBase@@H@Z
?createNode@QMapDataBase@@QEAAPEAUQMapNodeBase@@HHPEAU2@_N@Z
?recalcMostLeftNode@QMapDataBase@@QEAAXXZ
??1QObject@@UEAA@XZ
??0QObject@@QEAA@PEAV0@@Z
??M@YA_NAEBVQString@@0@Z
??0QString@@QEAA@AEBV0@@Z
?number@QByteArray@@SA?AV1@NDH@Z
?number@QByteArray@@SA?AV1@HH@Z
?append@QByteArray@@QEAAAEAV1@AEBV1@@Z
??4QByteArray@@QEAAAEAV0@AEBV0@@Z
??0QByteArray@@QEAA@AEBV0@@Z
?qIsNaN@@YA_NN@Z
?debug@QMessageLogger@@QEBA?AVQDebug@@XZ
??0QMessageLogger@@QEAA@PEBDH0@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?registerNormalizedTypedef@QMetaType@@SAHAEBVQByteArray@@H@Z
??1QString@@QEAA@XZ
??0QString@@QEAA@XZ
?append@QByteArray@@QEAAAEAV1@PEBD@Z
?append@QByteArray@@QEAAAEAV1@D@Z
?reserve@QByteArray@@QEAAXH@Z
??1QByteArray@@QEAA@XZ
??0QByteArray@@QEAA@PEBDH@Z
??0QByteArray@@QEAA@XZ
?className@QMetaObject@@QEBAPEBDXZ
?registerNormalizedType@QMetaType@@SAHAEBVQByteArray@@P6AXPEAX@ZP6APEAX1PEBX@ZHV?$QFlags@W4TypeFlag@QMetaType@@@@PEBUQMetaObject@@@Z

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle

vcruntime140

memcpy
__C_specific_handler
__vcrt_InitializeCriticalSectionEx
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-math-l1-1-0

exp

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_configure_narrow_argv
_seh_filter_dll

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45ff9fa9759ce2a3207977a264a991c7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

qt5quick

qt5gui

qt5qml

qt5core

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 1024B - Virtual size: 1KB

.pdata Size: 1KB - Virtual size: 1KB

.qtmetad Size: 512B - Virtual size: 280B

.tls Size: 512B - Virtual size: 9B

.gfids Size: 512B - Virtual size: 52B

.rsrc Size: 1024B - Virtual size: 864B

.reloc Size: 512B - Virtual size: 504B

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 1024B - Virtual size: 1KB

.pdata
Size: 1KB - Virtual size: 1KB

.qtmetad
Size: 512B - Virtual size: 280B

.tls
Size: 512B - Virtual size: 9B

.gfids
Size: 512B - Virtual size: 52B

.rsrc
Size: 1024B - Virtual size: 864B

.reloc
Size: 512B - Virtual size: 504B