72e554e4600a30a68039988dd3577883ea71b1d8ecf98d185ea964714dcccbf7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72e554e4600a30a68039988dd3577883ea71b1d8ecf98d185ea964714dcccbf7
Size

2.3MB
MD5

4954c1a3566ed0f324a4133ed0513220
SHA1

31717ecb2b3b6c70199b623d435cf41e9bf8771d
SHA256

72e554e4600a30a68039988dd3577883ea71b1d8ecf98d185ea964714dcccbf7
SHA512

8401dbdbbce01e3bb50c9c070d8a01c4662234b7996dd739ae9284c579634c5f146bf32db390c3c506a67eb7660dbec05751c6fc3a9e354319e9fca3cc282849
SSDEEP

49152:/IS6Ih4B5DBTG88mfBwbddgnLvmnXemwp2vs37+cX16Iyl:wMuG88SmfymnuZh+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72e554e4600a30a68039988dd3577883ea71b1d8ecf98d185ea964714dcccbf7

Files

72e554e4600a30a68039988dd3577883ea71b1d8ecf98d185ea964714dcccbf7
.exe windows:6 windows x64 arch:x64

b485e2c4990aae4de1d6f484dda6fb26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

qt5network

??1QNetworkRequest@@QEAA@XZ

wtsapi32

WTSFreeMemory

qt5winextras

??1QWinTaskbarButton@@UEAA@XZ

heif

heif_context_free

user32

GetDC

gdi32

DeleteDC

advapi32

RegOpenKeyExW

shell32

SHGetFileInfoA

qt5widgets

??1QFrame@@UEAA@XZ

qt5gui

??0QFont@@QEAA@XZ

qt5core

??0QUrl@@QEAA@XZ

iphlpapi

GetAdaptersInfo

Sections

.MPRESS1
Size: 2.2MB - Virtual size: 12.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE