General

  • Target

    1.3.1-win-test.exe

  • Size

    29.1MB

  • MD5

    0385a6642c648e72699e5919ba4cdb2a

  • SHA1

    ab17f308025ce7faf23209e2ff442e12260284b3

  • SHA256

    b116cbf112ad9e68f7c38fcd63cc862c7e9ee42734bc47d128ef52b7eae6cc4b

  • SHA512

    da08fe0d76753e8fc72ea79b1b8fedc00b054f2a176c88617d19631712fe2eaa33de150ca812acac58759b068ffdafe80a787686615b6b2799dcd01257f2223c

  • SSDEEP

    393216:OjXIu91Bw8N57zn8wyu+q1gRTP8QzgvKDal2l4fyTP2p3DdIP3o+W2pnQ33N3aJw:OjIFOUuTezeKDaSzTPc3yP4+W2mHdXiq

Score
3/10

Malware Config

Signatures

  • Embeds OpenSSL (1 IoC)

    Embeds OpenSSL, may be used to circumvent TLS interception.

  • Unsigned PE (59 IoCs)

    Checks for missing Authenticode signature.

Files

  • 1.3.1-win-test.exe
    .exe windows:4 windows x86 arch:x86

    730491907e677638ab304e28646ba09c



  • $PLUGINSDIR/Banner.dll
    .dll windows:4 windows x86 arch:x86

    496f13fd294c1a02b85066b9356caf79



  • $PLUGINSDIR/ButtonEvent.dll
    .dll windows:5 windows x86 arch:x86

    59070d80178eb0db7b7113b7a8608502



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    d97200bf79843dac1c997cdc037e76af



  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    c442f1649aa0670a32c622fadfcd00bd



  • $PLUGINSDIR/nsProcess.dll
    .dll windows:5 windows x86 arch:x86

    439074d1c01f7b16781bdf060930814a



  • $_10_/$_10_/uninstall.exe.nsis
  • $_10_/Qt5Core.dll
    .dll windows:4 windows x86 arch:x86

    a1c6af99ab9671ebf158f595e0f3ea27



  • $_10_/Qt5Gui.dll
    .dll windows:4 windows x86 arch:x86

    779e36deff6dfa3ad6377310cb75b2b6



  • $_10_/Qt5Multimedia.dll
    .dll windows:4 windows x86 arch:x86

    ead936c40b5cf060795582912a3c74a1



  • $_10_/Qt5Network.dll
    .dll windows:4 windows x86 arch:x86

    00cc94a807700acd227187026983e71e



  • $_10_/Qt5PrintSupport.dll
    .dll windows:4 windows x86 arch:x86

    e2ec1c8c9287399d3995c6b8e6dc7031



  • $_10_/Qt5Sql.dll
    .dll windows:4 windows x86 arch:x86

    483681a1c944fce11bf6992cfc27bdac



  • $_10_/Qt5Svg.dll
    .dll windows:4 windows x86 arch:x86

    ed441885c13612603017537c7dc1b13c



  • $_10_/Qt5Widgets.dll
    .dll windows:4 windows x86 arch:x86

    737b4a202b418ddc239e6491a66e05a1



  • $_10_/Qt5Xml.dll
    .dll windows:4 windows x86 arch:x86

    1bc97eec7ead322bc578d5c9ac277184



  • $_10_/USI_lib_0x20.dll
    .dll windows:4 windows x86 arch:x86

    7eb4ae59bd85e6bfe69b84c2e0ac99d2



  • $_10_/audio/qtaudio_windows.dll
    .dll windows:4 windows x86 arch:x86

    7626979332ce6d759994d8c66939fbe2



  • $_10_/bearer/qgenericbearer.dll
    .dll windows:4 windows x86 arch:x86

    d9fc33c2257ef844b4c82db02a8b6a58



  • $_10_/iconengines/qsvgicon.dll
    .dll windows:4 windows x86 arch:x86

    7ef8eb056bb58fb520cc2acc6372af45



  • $_10_/icudt74.dll
    .dll windows:4 windows x86 arch:x86

    be071bb521f8ef20b941e6317bba256e



  • $_10_/icuin74.dll
    .dll windows:4 windows x86 arch:x86

    d25e33817657260304c8a8a35e9d365f



  • $_10_/icuuc74.dll
    .dll windows:4 windows x86 arch:x86

    2c01bf9cb9556b5accf32ab8d9ac8de7



  • $_10_/imageformats/qgif.dll
    .dll windows:4 windows x86 arch:x86

    1ca76f36f8e503cd01c4a5dccd0d54db



  • $_10_/imageformats/qicns.dll
    .dll windows:4 windows x86 arch:x86

    1e39dd931d7cc44269d7e8a3ac064b79



  • $_10_/imageformats/qico.dll
    .dll windows:4 windows x86 arch:x86

    8a901c509cc401fd7ff7c8d276b95136



  • $_10_/imageformats/qjp2.dll
    .dll windows:4 windows x86 arch:x86

    54493ffa61dc4dcaf743800a6ec2457c



  • $_10_/imageformats/qjpeg.dll
    .dll windows:4 windows x86 arch:x86

    d17327f883898cf05a913c8f5bd18307



  • $_10_/imageformats/qmng.dll
    .dll windows:4 windows x86 arch:x86

    3887748bced6d2ebd28aa37319705b8b



  • $_10_/imageformats/qsvg.dll
    .dll windows:4 windows x86 arch:x86

    9c7b308218860e2a9b812df70ef6840e



  • $_10_/imageformats/qtga.dll
    .dll windows:4 windows x86 arch:x86

    ede4caed8116609756f93e3dad82f1c4



  • $_10_/imageformats/qtiff.dll
    .dll windows:4 windows x86 arch:x86

    4a63e8302331d1ee38ed901f98689da4



  • $_10_/imageformats/qwbmp.dll
    .dll windows:4 windows x86 arch:x86

    45ab30089f3679e53694d7ec402f5d26



  • $_10_/imageformats/qwebp.dll
    .dll windows:4 windows x86 arch:x86

    dfb69916336c84f6441de1fd0f48b359



  • $_10_/libbrotlicommon.dll
    .dll .js windows:4 windows x86 arch:x86 polyglot

    c9cbc8cbfccd689cbaa56eb31408c993



  • $_10_/libbrotlidec.dll
    .dll windows:4 windows x86 arch:x86

    8b59ebe6b1f86b51aa7f49f2d215a4f7



  • $_10_/libbz2.dll
    .dll windows:4 windows x86 arch:x86

    cee3e0446a71f1f86d99701a2756cf3b



  • $_10_/libcrypto-3.dll
    .dll windows:4 windows x86 arch:x86

    1b59d7b11b4c5d6a84ae99f0deb5a58c



  • $_10_/libfftw3-3.dll
    .dll windows:4 windows x86 arch:x86

    4aea519e48ab51fb66e7d52f6fe96a4a



  • $_10_/libfreetype-6.dll
    .dll windows:4 windows x86 arch:x86

    2c6fbc0814719ddc074986532cd85a56



  • $_10_/libgcc_s_sjlj-1.dll
    .dll windows:4 windows x86 arch:x86

    ff7aabaafa48d7ee6e867e077255ffcf



  • $_10_/libglib-2.0-0.dll
    .dll windows:4 windows x86 arch:x86

    a0047c872eeaf1835ce2c3658cc9771d



  • $_10_/libharfbuzz-0.dll
    .dll windows:4 windows x86 arch:x86

    15e7a47cb8d3bd8b536bdb0f4ec06c9c



  • $_10_/libiconv-2.dll
    .dll windows:4 windows x86 arch:x86

    7a8e2cdb76ece7e7e8507eb6ee9a8492



  • $_10_/libintl-8.dll
    .dll windows:4 windows x86 arch:x86

    7b946f85fd1747b7da84a2d335ad3eab



  • $_10_/libpcre2-16-0.dll
    .dll windows:4 windows x86 arch:x86

    06f93438e9428cdc3b41a4e25ff6ab62



  • $_10_/libpcre2-8-0.dll
    .dll windows:4 windows x86 arch:x86

    e98bcb554e848a7047a2106559807c9c



  • $_10_/libpng16-16.dll
    .dll windows:4 windows x86 arch:x86

    26bfa9cce4abe5bc71a321ed045c4aee



  • $_10_/libsqlite3-0.dll
    .dll windows:4 windows x86 arch:x86

    a063ba3b28de2273b5eaaf3c7cf84990



  • $_10_/libssl-3.dll
    .dll windows:4 windows x86 arch:x86

    ca751aa56d92047e0b0ace223472c743



  • $_10_/libstdc++-6.dll
    .dll windows:4 windows x86 arch:x86

    3e3a696236bd789e546720e0ee4bcc94



  • $_10_/libwinpthread-1.dll
    .dll windows:4 windows x86 arch:x86

    a1e8eabbcb6d9a972e80281fb1c588a9



  • $_10_/libzstd.dll
    .dll windows:4 windows x86 arch:x86

    6164b2cf101049916dbed53333f12b3c



  • $_10_/mediaservice/dsengine.dll
    .dll windows:4 windows x86 arch:x86

    ac085780969cacced16ea258e3a910ac



  • $_10_/mediaservice/qtmedia_audioengine.dll
    .dll windows:4 windows x86 arch:x86

    0751afbc21e1626988dd12964541aecc



  • $_10_/micard_desktop.exe
    .exe windows:4 windows x86 arch:x86

    54b55e4046a1b2b9b9117ad4f02e09e8



  • $_10_/oktmo.db
  • $_10_/opengl32.dll
    .dll windows:4 windows x86 arch:x86

    83a9bee87639a9adf782c2efc024956e



  • $_10_/platforms/qwindows.dll
    .dll windows:4 windows x86 arch:x86

    d1c146955dfc31672b2826a959e823a9



  • $_10_/printsupport/windowsprintersupport.dll
    .dll windows:4 windows x86 arch:x86

    06c9238739ba03651cc8b16ac7087e0d



  • $_10_/sqldrivers/qsqlite.dll
    .dll windows:4 windows x86 arch:x86

    2274625d62610a5172cbba0b6c30ce4f



  • $_10_/styles/qwindowsvistastyle.dll
    .dll windows:4 windows x86 arch:x86

    c797a8a153b5f95fe0dbbfa07b603d85



  • $_10_/translations/qt_ru.qm
  • $_10_/translations/qtbase_ru.qm
  • $_10_/translations/qtconnectivity_ru.qm
  • $_10_/translations/qtlocation_ru.qm
  • $_10_/translations/qtmultimedia_ru.qm
  • $_10_/translations/qtxmlpatterns_ru.qm
  • $_10_/zlib1.dll
    .dll windows:4 windows x86 arch:x86

    668cdcf022fc6bc801becfa81582f67a

