499d0e04aeabb42bfa3d686bc65b45b3b116116cf9231ea2717569e44dcfc8de

Sharing

Copy URL

Twitter E-mail

General

Target

499d0e04aeabb42bfa3d686bc65b45b3b116116cf9231ea2717569e44dcfc8de
Size

1.6MB
MD5

dee2869279e821a2f5d2185c2a885d37
SHA1

2ca86524216afd9d8d3fad0393bda0b06ccc781d
SHA256

499d0e04aeabb42bfa3d686bc65b45b3b116116cf9231ea2717569e44dcfc8de
SHA512

476c8a1687244c0bc08e855b140fcf047771ec25be90594d9dfaebe108dd697fd7454063d5018d9497e27b06dd464c0c1b4f65350c5754e67398997c42d187e2
SSDEEP

49152:vFjEcfASn65XZ3AHMsEBYBHyDjQ3bjgwNmCzfa:vFjdfAS6jK2YgDjmgw4CW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Qt5Core.dll

Files

499d0e04aeabb42bfa3d686bc65b45b3b116116cf9231ea2717569e44dcfc8de
.rar
Order confirmation for PO 7UH2025.exe
.exe windows:6 windows x64 arch:x64

4669247ec1a0c97441b6dc330f0fc086

Code Sign

07:e2:ef:84:3d:0d:6f:58:cb:bb:06:e3:e8:b3:d3:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

06-10-2020 00:00

Not After

31-12-2023 12:00

Subject

CN=The Qt Company Oy,O=The Qt Company Oy,L=Oulu,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-10-2019 00:00

Not After

17-10-2030 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:a5:83:0c:d9:76:a8:89:7c:77:41:b1:04:cf:58:e7:3e:89:c9:6b:1f:05:fb:c9:b1:fc:01:ba:5b:8e:fb:e5
Signer

Actual PE Digest

9e:a5:83:0c:d9:76:a8:89:7c:77:41:b1:04:cf:58:e7:3e:89:c9:6b:1f:05:fb:c9:b1:fc:01:ba:5b:8e:fb:e5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\qt\work\qt\qtdeclarative\bin\qmlcachegen.pdb

Imports

qt5core

?toUtf8@QString@@QEHAA?AVQByteArray@@XZ
?toLocal8Bit@QString@@QEGBA?AVQByteArray@@XZ
?toLocal8Bit@QString@@QEHAA?AVQByteArray@@XZ
?fromLatin1@QString@@SA?AV1@PEBDH@Z
?fromUtf8@QString@@SA?AV1@AEBVQByteArray@@@Z
?number@QString@@SA?AV1@HH@Z
?number@QString@@SA?AV1@IH@Z
??8@YA_NAEBVQString@@0@Z
??0QString@@QEAA@HW4Initialization@Qt@@@Z
?appendLatin1To@QAbstractConcatenable@@KAXPEBDHPEAVQChar@@@Z
?qSetGlobalQHashSeed@@YAXH@Z
?qHash@@YAIAEBVQString@@I@Z
?detach@QListData@@QEAAPEAUData@1@H@Z
?detach_grow@QListData@@QEAAPEAUData@1@PEAHH@Z
?dispose@QListData@@SAXPEAUData@1@@Z
?append@QListData@@QEAAPEAPEAXXZ
?QStringList_join@QtPrivate@@YA?AVQString@@PEBVQStringList@@PEBVQChar@@H@Z
?QStringList_contains@QtPrivate@@YA_NPEBVQStringList@@AEBVQString@@W4CaseSensitivity@Qt@@@Z
??0QCoreApplication@@QEAA@AEAHPEAPEADH@Z
??1QCoreApplication@@UEAA@XZ
?setApplicationName@QCoreApplication@@SAXAEBVQString@@@Z
?setApplicationVersion@QCoreApplication@@SAXAEBVQString@@@Z
?translate@QCoreApplication@@SA?AVQString@@PEBD00H@Z
?allocateNode@QHashData@@QEAAPEAXH@Z
?detach_helper@QHashData@@QEAAPEAU1@P6AXPEAUNode@1@PEAX@ZP6AX0@ZHH@Z
?rehash@QHashData@@QEAAXH@Z
?free_helper@QHashData@@QEAAXP6AXPEAUNode@1@@Z@Z
?nextNode@QHashData@@SAPEAUNode@1@PEAU21@@Z
??0QCommandLineOption@@QEAA@AEBVQString@@000@Z
??1QCommandLineOption@@QEAA@XZ
?names@QCommandLineOption@@QEBA?AVQStringList@@XZ
??0QCommandLineParser@@QEAA@XZ
??1QCommandLineParser@@QEAA@XZ
?setSingleDashWordOptionMode@QCommandLineParser@@QEAAXW4SingleDashWordOptionMode@1@@Z
?addOption@QCommandLineParser@@QEAA_NAEBVQCommandLineOption@@@Z
?addVersionOption@QCommandLineParser@@QEAA?AVQCommandLineOption@@XZ
?addHelpOption@QCommandLineParser@@QEAA?AVQCommandLineOption@@XZ
?addPositionalArgument@QCommandLineParser@@QEAAXAEBVQString@@00@Z
?process@QCommandLineParser@@QEAAXAEBVQCoreApplication@@@Z
?isSet@QCommandLineParser@@QEBA_NAEBVQCommandLineOption@@@Z
?value@QCommandLineParser@@QEBA?AVQString@@AEBVQCommandLineOption@@@Z
?values@QCommandLineParser@@QEBA?AVQStringList@@AEBVQCommandLineOption@@@Z
?positionalArguments@QCommandLineParser@@QEBA?AVQStringList@@XZ
?showHelp@QCommandLineParser@@QEAAXH@Z
?readAll@QIODevice@@QEAA?AVQByteArray@@XZ
?write@QIODevice@@QEAA_JPEBD_J@Z
?write@QIODevice@@QEAA_JAEBVQByteArray@@@Z
?errorString@QIODevice@@QEBA?AVQString@@XZ
?error@QFileDevice@@QEBA?AW4FileError@1@XZ
??0QFile@@QEAA@AEBVQString@@@Z
??1QFile@@UEAA@XZ
?open@QFile@@UEAA_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QDateTime@@QEAA@XZ
??1QDateTime@@QEAA@XZ
??0QSaveFile@@QEAA@AEBVQString@@@Z
??1QSaveFile@@UEAA@XZ
?open@QSaveFile@@UEAA_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?commit@QSaveFile@@QEAA_NXZ
?freeTree@QMapDataBase@@QEAAXPEAUQMapNodeBase@@H@Z
?freeData@QMapDataBase@@SAXPEAU1@@Z
??0QTextStream@@QEAA@PEAVQByteArray@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??1QTextStream@@UEAA@XZ
??6QTextStream@@QEAAAEAV0@D@Z
??6QTextStream@@QEAAAEAV0@H@Z
??6QTextStream@@QEAAAEAV0@PEBD@Z
?hex@Qt@@YAAEAVQTextStream@@AEAV2@@Z
?shared_null@QListData@@2UData@1@B
?startsWith@QString@@QEBA_NVQChar@@W4CaseSensitivity@Qt@@@Z
?endsWith@QString@@QEBA_NVQChar@@W4CaseSensitivity@Qt@@@Z
?append@QString@@QEAAAEAV1@VQChar@@@Z
?toString@QStringRef@@QEBA?AVQString@@XZ
??8@YA_NAEBVQString@@AEBVQStringRef@@@Z
??0QXmlStreamAttributes@@QEAA@XZ
?value@QXmlStreamAttributes@@QEBA?AVQStringRef@@AEBVQString@@@Z
?append@QXmlStreamAttributes@@QEAAXAEBVQString@@0@Z
?hasAttribute@QXmlStreamAttributes@@QEBA_NAEBVQString@@@Z
??1QXmlStreamAttributes@@QEAA@XZ
??4QXmlStreamAttributes@@QEAAAEAV0@$$QEAV0@@Z
??0QXmlStreamReader@@QEAA@PEAVQIODevice@@@Z
??1QXmlStreamReader@@QEAA@XZ
?atEnd@QXmlStreamReader@@QEBA_NXZ
?readNext@QXmlStreamReader@@QEAA?AW4TokenType@1@XZ
?isWhitespace@QXmlStreamReader@@QEBA_NXZ
?documentVersion@QXmlStreamReader@@QEBA?AVQStringRef@@XZ
?lineNumber@QXmlStreamReader@@QEBA_JXZ
?attributes@QXmlStreamReader@@QEBA?AVQXmlStreamAttributes@@XZ
?name@QXmlStreamReader@@QEBA?AVQStringRef@@XZ
?text@QXmlStreamReader@@QEBA?AVQStringRef@@XZ
??0QXmlStreamWriter@@QEAA@PEAVQString@@@Z
??1QXmlStreamWriter@@QEAA@XZ
?setAutoFormatting@QXmlStreamWriter@@QEAAX_N@Z
?writeAttributes@QXmlStreamWriter@@QEAAXAEBVQXmlStreamAttributes@@@Z
?writeCharacters@QXmlStreamWriter@@QEAAXAEBVQString@@@Z
?writeEndDocument@QXmlStreamWriter@@QEAAXXZ
?writeEndElement@QXmlStreamWriter@@QEAAXXZ
?writeStartDocument@QXmlStreamWriter@@QEAAXXZ
?writeStartDocument@QXmlStreamWriter@@QEAAXAEBVQString@@@Z
?writeStartElement@QXmlStreamWriter@@QEAAXAEBVQString@@@Z
?close@QFileDevice@@UEAAXXZ
??0QFileInfo@@QEAA@AEBVQString@@@Z
??0QFileInfo@@QEAA@AEBVQFile@@@Z
??1QFileInfo@@QEAA@XZ
?absoluteDir@QFileInfo@@QEBA?AVQDir@@XZ
??1QDir@@QEAA@XZ
?absoluteFilePath@QDir@@QEBA?AVQString@@AEBV2@@Z
?relativeFilePath@QDir@@QEBA?AVQString@@AEBV2@@Z
?truncate@QString@@QEAAXH@Z
?arg@QString@@QEBA?AV1@AEBV1@HVQChar@@@Z
?indexOf@QString@@QEBAHVQChar@@HW4CaseSensitivity@Qt@@@Z
?mid@QString@@QEBA?AV1@HH@Z
?replace@QString@@QEAAAEAV1@VQChar@@0W4CaseSensitivity@Qt@@@Z
?replace@QString@@QEAAAEAV1@AEBVQRegExp@@AEBV1@@Z
??0QRegExp@@QEAA@AEBVQString@@W4CaseSensitivity@Qt@@W4PatternSyntax@0@@Z
??1QRegExp@@QEAA@XZ
??6QTextStream@@QEAAAEAV0@AEBVQString@@@Z
?fileName@QFileInfo@@QEBA?AVQString@@XZ
?baseName@QFileInfo@@QEBA?AVQString@@XZ
?completeBaseName@QFileInfo@@QEBA?AVQString@@XZ
?completeSuffix@QFileInfo@@QEBA?AVQString@@XZ
?path@QFileInfo@@QEBA?AVQString@@XZ
?remove@QString@@QEAAAEAV1@HH@Z
?exists@QFile@@SA_NAEBVQString@@@Z
??8QFileInfo@@QEBA_NAEBV0@@Z
?suffix@QFileInfo@@QEBA?AVQString@@XZ
?current@QDir@@SA?AV1@XZ
?cleanPath@QDir@@SA?AVQString@@AEBV2@@Z
?toUtf8@QString@@QEGBA?AVQByteArray@@XZ
?data@QString@@QEBAPEBVQChar@@XZ
?qInf@@YANXZ
?sharedNull@QArrayData@@SAPEAU1@XZ
?midRef@QString@@QEBA?AVQStringRef@@HH@Z
??0QSharedData@@QEAA@XZ
?qEnvironmentVariableIsSet@@YA_NPEBD@Z
??0QMessageLogger@@QEAA@PEBDH0@Z
?debug@QMessageLogger@@QEBA?AVQDebug@@XZ
?allocate@QArrayData@@SAPEAU1@_K00V?$QFlags@W4AllocationOption@QArrayData@@@@@Z
?qstrcpy@@YAPEADPEADPEBD@Z
?resize@QByteArray@@QEAAXH@Z
?data@QByteArray@@QEAAPEADXZ
??1QDebug@@QEAA@XZ
??6QDebug@@QEAAAEAV0@H@Z
??6QDebug@@QEAAAEAV0@I@Z
??6QDebug@@QEAAAEAV0@_K@Z
??6QDebug@@QEAAAEAV0@PEBD@Z
??6QDebug@@QEAAAEAV0@AEBVQString@@@Z
?isValid@QDateTime@@QEBA_NXZ
?toMSecsSinceEpoch@QDateTime@@QEBA_JXZ
??0QCryptographicHash@@QEAA@W4Algorithm@0@@Z
??1QCryptographicHash@@QEAA@XZ
?addData@QCryptographicHash@@QEAAXPEBDH@Z
?result@QCryptographicHash@@QEBA?AVQByteArray@@XZ
?warning@QMessageLogger@@QEBAXPEBDZZ
?qQNaN@@YANXZ
?compareStrings@QtPrivate@@YAHVQStringView@@0W4CaseSensitivity@Qt@@@Z
?front@QString@@QEBA?AVQChar@@XZ
??M@YA_NAEBVQString@@0@Z
??8QString@@QEBA_NVQLatin1String@@@Z
?isNull@QString@@QEBA_NXZ
?data@QStringRef@@QEBAPEBVQChar@@XZ
?isNull@QStringRef@@QEBA_NXZ
??8@YA_NVQLatin1String@@AEBVQStringRef@@@Z
?QStringList_removeDuplicates@QtPrivate@@YAHPEAVQStringList@@@Z
??6QDebug@@QEAAAEAV0@_N@Z
??4QDateTime@@QEAAAEAV0@AEBV0@@Z
?isLetter@QChar@@QEBA_NXZ
?isLetterOrNumber@QChar@@SA_NI@Z
?mid@QContainerImplHelper@QtPrivate@@SA?AW4CutResult@12@HPEAH0@Z
?append@QString@@QEAAAEAV1@AEBVQStringRef@@@Z
?begin@QString@@QEBAPEBVQChar@@XZ
?end@QString@@QEBAPEBVQChar@@XZ
?indexOf@QStringRef@@QEBAHVQChar@@HW4CaseSensitivity@Qt@@@Z
?left@QStringRef@@QEBA?AV1@H@Z
?mid@QStringRef@@QEBA?AV1@HH@Z
?unicode@QStringRef@@QEBAPEBVQChar@@XZ
?constData@QStringRef@@QEBAPEBVQChar@@XZ
?at@QStringRef@@QEBA?BVQChar@@H@Z
?toInt@QStringRef@@QEBAHPEA_NH@Z
?realloc@QListData@@QEAAXH@Z
?freeNode@QHashData@@QEAAXPEAX@Z
?isUpper@QChar@@QEBA_NXZ
?unicode@QString@@QEBAPEBVQChar@@XZ
?arg@QString@@QEBA?AV1@VQLatin1String@@HVQChar@@@Z
??0QStringRef@@QEAA@XZ
??0QStringRef@@QEAA@AEBV0@@Z
??4QStringRef@@QEAAAEAV0@$$QEAV0@@Z
??4QStringRef@@QEAAAEAV0@AEBV0@@Z
?isEmpty@QStringRef@@QEBA_NXZ
?front@QStringRef@@QEBA?AVQChar@@XZ
?digitValue@QChar@@SAHI@Z
?isSpace@QChar@@SA_NI@Z
?arg@QString@@QEBA?AV1@VQChar@@H0@Z
?insert@QString@@QEAAAEAV1@HPEBVQChar@@H@Z
?replace@QString@@QEAAAEAV1@VQLatin1String@@0W4CaseSensitivity@Qt@@@Z
?qstrtod@@YANPEBDPEAPEBDPEA_N@Z
??0QLocale@@QEAA@W4Language@0@W4Country@0@@Z
??1QLocale@@QEAA@XZ
?toString@QLocale@@QEBA?AVQString@@NDH@Z
?setNumberOptions@QLocale@@QEAAXV?$QFlags@W4NumberOption@QLocale@@@@@Z
?nextNode@QMapNodeBase@@QEBAPEBU1@XZ
?recalcMostLeftNode@QMapDataBase@@QEAAXXZ
?createNode@QMapDataBase@@QEAAPEAUQMapNodeBase@@HHPEAU2@_N@Z
?createData@QMapDataBase@@SAPEAU1@XZ
?shared_null@QMapDataBase@@2U1@B
?reserve@QByteArray@@QEAAXH@Z
?append@QByteArray@@QEAAAEAV1@D@Z
?insert@QByteArray@@QEAAAEAV1@HHD@Z
?number@QByteArray@@SA?AV1@HH@Z
?number@QByteArray@@SA?AV1@IH@Z
?end@QByteArray@@QEBAPEBDXZ
?arg@QString@@QEBA?AV1@HHHVQChar@@@Z
?nospace@QDebug@@QEAAAEAV1@XZ
?maybeSpace@QDebug@@QEAAAEAV1@XZ
?noquote@QDebug@@QEAAAEAV1@XZ
??6QDebug@@QEAAAEAV0@_J@Z
??6QDebug@@QEAAAEAV0@AEBVQByteArray@@@Z
??4QByteArray@@QEAAAEAV0@AEBV0@@Z
?append@QByteArray@@QEAAAEAV1@PEBDH@Z
?compare@QStringRef@@QEBAHVQLatin1String@@W4CaseSensitivity@Qt@@@Z
??6QDebug@@QEAAAEAV0@PEBX@Z
??YQString@@QEAAAEAV0@VQChar@@@Z
?prepend@QString@@QEAAAEAV1@AEBV1@@Z
?append@QString@@QEAAAEAV1@AEBV1@@Z
?append@QString@@QEAAAEAV1@VQLatin1String@@@Z
?insert@QString@@QEAAAEAV1@HVQChar@@@Z
?endsWith@QString@@QEBA_NVQLatin1String@@W4CaseSensitivity@Qt@@@Z
?startsWith@QString@@QEBA_NVQLatin1String@@W4CaseSensitivity@Qt@@@Z
?at@QString@@QEBA?BVQChar@@H@Z
?clear@QString@@QEAAXXZ
?constData@QString@@QEBAPEBVQChar@@XZ
?data@QString@@QEAAPEAVQChar@@XZ
?reserve@QString@@QEAAXH@Z
?resize@QString@@QEAAXH@Z
??4QString@@QEAAAEAV0@$$QEAV0@@Z
??0QString@@QEAA@$$QEAV0@@Z
??4QString@@QEAAAEAV0@AEBV0@@Z
??1QString@@QEAA@XZ
??0QString@@QEAA@AEBV0@@Z
??0QString@@QEAA@VQLatin1String@@@Z
??0QString@@QEAA@PEBVQChar@@H@Z
??0QString@@QEAA@XZ
?constData@QByteArray@@QEBAPEBDXZ
??1QByteArray@@QEAA@XZ
??0QByteArray@@QEAA@PEBDH@Z
??0QByteArray@@QEAA@XZ
?deallocate@QArrayData@@SAXPEAU1@_K1@Z
?category@QChar@@SA?AW4Category@1@I@Z
??0QChar@@QEAA@UQLatin1Char@@@Z
??0QByteArray@@QEAA@AEBV0@@Z
?shared_null@QHashData@@2U1@B

msvcp140

?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z

kernel32

InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetSystemTimeAsFileTime

vcruntime140

memcpy
_purecall
memset
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memmove
__C_specific_handler
__current_exception
__current_exception_context

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_register_onexit_function
_crt_atexit
_configure_narrow_argv
_seh_filter_exe
_set_app_type
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
_cexit
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo_noreturn
terminate
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
malloc
realloc
_callnewh

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__acrt_iob_func
_set_fmode
__p__commode

api-ms-win-crt-math-l1-1-0

__setusermatherr
_dsign
modf

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 357KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Qt5Core.dll
.dll windows:6 windows x64 arch:x64

af55adcc47d59677486af7558a14bf55

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

advapi32

AdjustTokenPrivileges
CheckTokenMembership
DeregisterEventSource
DuplicateTokenEx
GetTokenInformation
ImpersonateLoggedOnUser
LookupPrivilegeValueW
OpenProcessToken
OpenThreadToken
RegCloseKey
RegQueryValueExW
RegisterEventSourceW
ReportEventW
RevertToSelf

bcrypt

BCryptCreateHash
BCryptCloseAlgorithmProvider
BCryptDestroyHash
BCryptDestroyKey
BCryptEncrypt
BCryptFinishHash
BCryptGenRandom
BCryptGetProperty
BCryptImportKey
BCryptOpenAlgorithmProvider
BCryptSetProperty
BCryptDecrypt
BCryptHashData

kernel32

TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedFlushSList
RtlUnwindEx
InitializeSListHead
IsProcessorFeaturePresent
CancelThreadpoolIo
CloseHandle
CloseThreadpoolIo
CloseThreadpoolWait
CloseThreadpoolWork
CompareStringEx
CompareStringOrdinal
CopyFileExW
CreateDirectoryW
CreateEventExW
CreateFileW
CreatePipe
CreateProcessA
CreateProcessW
CreateThread
CreateThreadpoolIo
CreateThreadpoolWait
CreateThreadpoolWork
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNLSStringEx
FindStringOrdinal
FlushFileBuffers
FormatMessageW
FreeConsole
FreeLibrary
GetCPInfoExW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumberEx
GetCurrentThread
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesExW
GetFileInformationByHandleEx
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoEx
GetLongPathNameW
GetModuleFileNameW
GetOverlappedResult
GetProcAddress
GetProcessId
GetStdHandle
GetSystemDirectoryW
GetThreadContext
GetThreadPriority
GetTickCount64
InitializeConditionVariable
InitializeCriticalSection
IsDebuggerPresent
IsWow64Process
K32EnumProcessModulesEx
K32EnumProcesses
K32GetModuleBaseNameW
K32GetModuleFileNameExW
K32GetModuleInformation
LCMapStringEx
LeaveCriticalSection
LoadLibraryExW
LocalAlloc
LocalFree
LocaleNameToLCID
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseFailFastException
ReadConsoleW
ReadFile
ResetEvent
ResolveLocaleName
ResumeThread
SetConsoleTextAttribute
SetEvent
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetLastError
SetThreadContext
SetThreadErrorMode
SetThreadPriority
SetThreadpoolWait
Sleep
SleepConditionVariableCS
StartThreadpoolIo
SubmitThreadpoolWork
TerminateProcess
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForThreadpoolWaitCallbacks
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
FlushProcessWriteBuffers
WaitForSingleObjectEx
AddVectoredExceptionHandler
GetModuleHandleW
RtlVirtualUnwind
RtlCaptureContext
RtlRestoreContext
VerSetConditionMask
FlsAlloc
FlsGetValue
FlsSetValue
CreateEventW
SwitchToThread
GetCurrentThreadId
SuspendThread
FlushInstructionCache
VirtualProtect
CreateMemoryResourceNotification
QueryInformationJobObject
GetModuleHandleExW
GetProcessAffinityMask
VerifyVersionInfoW
InitializeContext
GetEnabledXStateFeatures
SetXStateFeaturesMask
VirtualQuery
GetSystemTimeAsFileTime
InitializeCriticalSectionEx
SleepEx
DebugBreak
GlobalMemoryStatusEx
GetSystemInfo
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetLargePageMinimum
VirtualUnlock
VirtualAllocExNuma
IsProcessInJob
GetNumaHighestNodeNumber
GetProcessGroupAffinity
K32GetProcessMemoryInfo
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry

ole32

CoCreateGuid
CoGetApartmentType
CoTaskMemAlloc
CoWaitForMultipleHandles
CoUninitialize
CoTaskMemFree
CoInitializeEx

api-ms-win-crt-heap-l1-1-0

calloc
_aligned_free
free
malloc
_aligned_malloc
_callnewh

api-ms-win-crt-math-l1-1-0

ceil

api-ms-win-crt-string-l1-1-0

strcmp
wcsncmp
_stricmp
strcpy_s

api-ms-win-crt-convert-l1-1-0

strtoull

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_seh_filter_dll
abort
_cexit
_register_onexit_function
_execute_onexit_table
_crt_atexit
_initterm
terminate

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
__stdio_common_vfprintf
__stdio_common_vsscanf
__acrt_iob_func

Exports

Exports

07A1ot6rYv66kY
07MujLSfe6BZ
0Dz9Dp0Qo3kLTa4TmyxqVphR5G
0EAVU9fT
0J4vJQG0lxTd
0MeOexGohLG1Co9Pt3v3yjqAAmj1tL
0O4pxKmLib
0QFgx4QTFpAtheU
0VcGZOIQb2GxQSMXz
0VfR1NP8pG67of9HwSVfD5EE
0Vt4a2PRdzt
0Wv1VzVLcwZ7dON3tCUHTRBVipjL6
0cu25AR89lzpx
0f36whE30mWvjUor64hK6
0mbSOVSp3Df2
0oTMMQviW32i3el
0rwRa2bSL5xQ5oX7DOnnm
0sYLcM6VY1i
0uaAswgLo8XMZ4DZxOU17J3
0xwWI1ME
11y7JghBE0iTm9lEerwF4mFjViSj5t5X
12SMNK7K6XYfezqX0jkFbE
13d31yDcIeJA6vAWj9xeaWj1
14U1TxBcuLIS0RO8tMF6CnwKw9TWoQw
17Rm5fNA4KrSL2aTled
1Ai4WDqMA
1B4DFsiI
1D44ZC8QVK59O5UuJtt
1F6MmeLTAKYS9ZqsFDN
1FIuOyDKZ0aXoyMgFgrWEm41z7
1JMTrSqKiaPtQa4yB
1JauyjIceA8fBuRTicUkvvT
1KMBBnfgYaxWe
1PHjPENUgmFpDbSDDjrNVdhnLbwFFo
1PNvxYi1dhjITTLu
1Q0DWEp
1Tttdfh2CSg
1VHSkEv0t3rDTWWngAgetIoUMUZ87
1WKIBjWbJpSOTyz1B0npap
1ZbVzuUFg
1gWEdL91NJR3pK68CqjYR6F3S7Tqd
1hrwr8wqyd4IthFq2ufGQCaMs56YQle
1lGciStGS7K
1nnR1THccAE01GyAZGVPierucS2qUMb
1qZ9gqe8w0Y6Z9KNR8YF
1rMcmZ81EzznA2ZYZXUZSOVv0HdjqhR
1shcAqsJBlj
1ud3PGupyWYfMmKUqR39qLEGKR
1vjiREAusHXKG2vhxBnVrdrA
1vxJIkjNgam1MAs6pMhDmmWx7KtEkYzy
1zkzTqm4l4WSd
205Z2oLP0E
22BmQ8hDsv3z1G6vUYU69O0ivkJJ4R
23H2b257imc4qnH1gW
24OLzrMFjFaTUQPZ
24oUnDpjTTGGz5I
2B7fjfhj5U
2BcLiYhDMFjyiFdnvI5u3cgn
2Kh03lGAe9iIIOJUkV7fxtfgb1PxPm7
2Q9N4SKRllBf3QFyvsVX7uAY
2avI4BQzkUNF7a7
2jdfJssJjkg0Tei44E4jse6Mz3
2m8IdVVib
2rtBDRJ
2thQ9v2Jc5MXMlvQOInrYkE
2uVLGS1gSL0Ml6uL8j9L3Rk3S4s1f1hl
2utKHAaFG
2vuaoqnCXBLEloIKL3TRskKCsWnt3DGb
34iuoq4sKGSFvxL8zQ1E
34tmv3D3l
38444wV49PNAP
3En2Txx4GQTHmM0bv
3GApl5x
3IeNhdzslEYhTFgDtDVa
3KjKcjQOYuZbX
3Kyk8o6iQR7HzDYHsA4e9r6JcIy
3MeIYZoVSsK2stgzt
3NtS71WRE4nproTDCuiq4nmAU
3Oio3rL9Secz43hLFi89jtCi69ah
3P0fT4BjqRFPp7G5LWdv6TWHhHwL
3S5m6YBy0P7YjldgbagYiYVB4I
3TPsvCMVNU4uiJeORaF9N3BcRN0iTPBw
3YnV2957gW1ZS
3jDuaHiVB60SDVtDu6LJ
3kx2qYPGrmA3nQIwqUjxs
3lET9dfVAIiPPAXsmep3b7KEfiDAdrm
3tetIiZWWoiKbxoOrzV97XSYCohFrRcy
3wKHRzHlzI7bqpJqKJO
3yHp3g3N54
41BmBhnqkrOypm5R1agemoe77Capwcb
434YhCxszCxSfxprqg14RRtJ6
4Q1DGmkf1md48QgYlG
4Rjze04EDbI
4SHQHH5u37n3OZ5FcKoo0uw5mmmwC
4TBwTRTJmNzCvaA9d
4cAOL4LXocye8wv5LVB0ffECPf
4d5ZpaGMo
4eh78PjWEHXSpMlUngoFj5e
4goPwV2pJjF5MhH4MyT3U
4gtIh9WZ6fQdCaI
4iZBiYMzrJaALx1a
4ls3NT4Qp8Pt6jpwB7dGqEf1GSA0Y
4mPHRvvmx0U8K3m0rHc
4v5F3TifrogBDlOIOn
4wfVsPle
53ooLgX5f0O5EqPb4ZIYe
571lwyuORuQIsd
5GS6RKLIL3THGwvzjg1PKTvqoYtv9
5Jesu20kreIJDsiovY
5LSI1TD2c4Bvh4no2Cds421EYb9m
5LdHXlAvDBmG
5LwqnhwqxAonLLEQccXqDZ9xxq0UDs5
5OHFL8llsWYARYMZ9B15AAm5Sn1k
5R2oB1A0LxPfJkfqavsKSAr6gAYPzCOy
5Rnu38UXxQTnPULZebmbT6G6FyZPnIC
5SMCD9QdrGMhwmQVXxRfOSwC
5TcXPxCtHKPs
5WIaQxx88Ac
5YtuB5Hl8h4HDhveGiC
5aCsvseFxV1M7L3tzRUp
5hBBswYwFFqATxdjJFySe
5hENcE3YegasXZL
5iJ19Ut6tie
5lUTTKcFtI4fP0
5nCtpnIxfm2ylPxhDBKFXb4IM
5sapIAN4YtzrcK8VVL3nU2Tzxt2
5yo4Vx2WrwCBZtzsVTHTB1K
60IHPr9yCLbxtWQNF6
64iKTktod1kIcQi7LwvimvwO
65n1dWWma1i5tLLjS23OPXSr0e0
6Anu02tB1epyiyDvwVaIloEJlg
6DPTNZGOQe
6Fr2X65ZfNaeTZF96GEiN
6McwxI66T9AdQL57sSVEHyC2ra5x
6NT8eiagUr2dLJV
6TmCqYOzCt5J21L0bYnVbL4KfcH0
6VJtpWpoylY
6WiP3wQfCwvAKoY5yHsKXazHJpu5EpQ
6XibhCagy8Gzv
6iqdTynUMsJckgnfY7p6cXqbrY
6nFxLEDx2np0C7OYECNV
6nRjLdtEx6qKPyQTsmTFZ
6rABG9OJZ8kmJXFPhNXGib70g5
6x0u5MeDIutx4uNVIfvVATO1j2Dg
73CXy004d9SvwLDkHaoPlZlw0DDk5lR
76xVkFeeVSQwVBRqgV
78sf5tEoiF8gkjqPwyctZEpraVGDG2
7A0dL9fajHcYeNaCPzQ7nvgBYZZ4qQSX
7Gi4bkao
7J9v7jpWilqNIFNguYd
7KfFTqgoR0OCzxY8gJ1j4EPplfiCSZ
7Kh7GZpR84I5MTYZ
7N5kOAIWI1
7OqJlbauIU
7UZOX2HB9gV6pwHRpo
7Vsj7pHPRjE5gOWK8zCArX5Cfchu
7WkSnYeKVAGnsy7sKQ5kj1oG
7Xs2xM32RTbvbcQNB3NLES8vTLO6E
7Zx2P9lbyVOZwkiV8Ijazgc
7abhLND6lHSlWrjmSxxabAp3
7crtHEaP8u25F
7eUeNbkFctKD
7k7OqV82YnFRnU
7l9Vd4Ih
7mmcf09SpKdAu30BLbw8PJ4I
7o1IZiITH0Q875d13Ik9TgE3
7qFwl6UDL2Sns0UpYKBCv1A
7qcBrhDn8xcWxHv
7qofq6xrTADQf9IAJzlej4f3
7wblEsYVhXkGt
84a5HfmpOOuZib2ru2kD
84qhTbE3PmjIQBdPUV7ilk42KO7eE
89dwoka58NvEhMFvDZymYW
8B1prauHqd1gnn2Y
8BYkOza2OH
8BlM5XEJCnrZ0YB
8CzJnyU9f8Gro9XvGZT8uV7oBMWu
8IJILArUlzGtCdNzCY
8M9ZyQCIJiU2T3ZJZ18Y
8O5np2NcZX6bxik3
8PrDRVK
8QLNwsyLTRgT
8TuK8cqn77
8WrLGKGdvXTlp
8XkBiWO
8Yt3XIRjsd30JsllyZEvxcscCTCARS
8cWvYSk50kPG8eCi3TDSy8WZR
8kiKm1AP0g589wTlciF4EYv3u
8lATSLllEY6K
8pZkMhFq58ibxNo
8unaDACz4QiLvj74TTbS
8x8ZlO9EawpueKs6RjQ0d3RYedr
91JYcqG4
91y2snZOwdl8qZyOs1kND
97ndRUtF3NdIi
98TtPxPcRKN
9EmAUUagp9Dhnkf
9FISwM0nwpqPM1GBclMUtNYeMUv
9Q3Y3xOmWht7WSQ53FTnl8tpF7vHsj
9R2bsT59M7wwiqz3oJdamLr0
9VXSlyz9Z8kvnslkDNqlRCou0
9ZnWVT0xgz1BYAUoraYy4
9a1jL5ikmPUMBRhMDHonXyMY11d
9aI8z3V4UmPxDRHBoS
9aZOjheQKfJsAoy5iYMNIo8GEpABtoP
9eGz5UKhl5hJIATdoAAszu3Zs
9jj9MAnY1zK
9kqt9KKQT4KnY
9m5bsw16KT15w1
9nO0SSMdZNgkljeBkFTHzsG9QWk7ziUf
9nffxrMSJZjSosBDUoshK2OEuQ61Ewk
9suwb25I7DiYhu
9tWwwmdhBHhgzK1
9usK67SLV
9zLMahUM0kVhx1zZiUm
??$qbswap@$01@@YAPEAXPEBX_JPEAX@Z
??$qbswap@$03@@YAPEAXPEBX_JPEAX@Z
??$qbswap@$07@@YAPEAXPEBX_JPEAX@Z
??0?$QList@VQItemSelectionRange@@@@QEAA@$$QEAV0@@Z
??0?$QList@VQItemSelectionRange@@@@QEAA@AEBV0@@Z
??0?$QList@VQItemSelectionRange@@@@QEAA@V?$initializer_list@VQItemSelectionRange@@@std@@@Z
??0?$QList@VQItemSelectionRange@@@@QEAA@XZ
??0?$QVector@VQPoint@@@@QEAA@$$QEAV0@@Z
??0?$QVector@VQPoint@@@@QEAA@AEBV0@@Z
??0?$QVector@VQPoint@@@@QEAA@H@Z
??0?$QVector@VQPoint@@@@QEAA@HAEBVQPoint@@@Z
??0?$QVector@VQPoint@@@@QEAA@U?$QArrayDataPointerRef@VQPoint@@@@@Z
??0?$QVector@VQPoint@@@@QEAA@V?$initializer_list@VQPoint@@@std@@@Z
??0?$QVector@VQPoint@@@@QEAA@XZ
??0?$QVector@VQPointF@@@@QEAA@$$QEAV0@@Z
??0?$QVector@VQPointF@@@@QEAA@AEBV0@@Z
??0?$QVector@VQPointF@@@@QEAA@H@Z
??0?$QVector@VQPointF@@@@QEAA@HAEBVQPointF@@@Z
??0?$QVector@VQPointF@@@@QEAA@U?$QArrayDataPointerRef@VQPointF@@@@@Z
??0?$QVector@VQPointF@@@@QEAA@V?$initializer_list@VQPointF@@@std@@@Z
??0?$QVector@VQPointF@@@@QEAA@XZ
??0?$QVector@VQXmlStreamAttribute@@@@QEAA@$$QEAV0@@Z
??0?$QVector@VQXmlStreamAttribute@@@@QEAA@AEBV0@@Z
??0?$QVector@VQXmlStreamAttribute@@@@QEAA@H@Z
??0?$QVector@VQXmlStreamAttribute@@@@QEAA@HAEBVQXmlStreamAttribute@@@Z
??0?$QVector@VQXmlStreamAttribute@@@@QEAA@U?$QArrayDataPointerRef@VQXmlStreamAttribute@@@@@Z
??0?$QVector@VQXmlStreamAttribute@@@@QEAA@V?$initializer_list@VQXmlStreamAttribute@@@std@@@Z
??0?$QVector@VQXmlStreamAttribute@@@@QEAA@XZ
??0Connection@QMetaObject@@AEAA@PEAX@Z
??0Connection@QMetaObject@@QEAA@$$QEAV01@@Z
??0Connection@QMetaObject@@QEAA@AEBV01@@Z
??0Connection@QMetaObject@@QEAA@XZ
??0ConverterState@QTextCodec@@QEAA@V?$QFlags@W4ConversionFlag@QTextCodec@@@@@Z
??0ExceptionHolder@QtPrivate@@QEAA@AEBV01@@Z
??0ExceptionHolder@QtPrivate@@QEAA@PEAVQException@@@Z
??0ExceptionStore@QtPrivate@@QEAA@$$QEAV01@@Z
??0ExceptionStore@QtPrivate@@QEAA@AEBV01@@Z
??0ExceptionStore@QtPrivate@@QEAA@XZ
??0QAbstractAnimation@@IEAA@AEAVQAbstractAnimationPrivate@@PEAVQObject@@@Z
??0QAbstractAnimation@@QEAA@PEAVQObject@@@Z
??0QAbstractAnimationTimer@@QEAA@XZ
??0QAbstractDynamicMetaObject@@QEAA@AEBU0@@Z
??0QAbstractDynamicMetaObject@@QEAA@XZ
??0QAbstractEventDispatcher@@IEAA@AEAVQAbstractEventDispatcherPrivate@@PEAVQObject@@@Z
??0QAbstractEventDispatcher@@QEAA@PEAVQObject@@@Z
??0QAbstractEventDispatcherPrivate@@QEAA@XZ
??0QAbstractFileEngine@@IEAA@AEAVQAbstractFileEnginePrivate@@@Z
??0QAbstractFileEngine@@IEAA@XZ
??0QAbstractFileEngineHandler@@QEAA@AEBV0@@Z
??0QAbstractFileEngineHandler@@QEAA@XZ
??0QAbstractFileEngineIterator@@QEAA@V?$QFlags@W4Filter@QDir@@@@AEBVQStringList@@@Z
??0QAbstractItemModel@@IEAA@AEAVQAbstractItemModelPrivate@@PEAVQObject@@@Z
??0QAbstractItemModel@@QEAA@PEAVQObject@@@Z
??0QAbstractItemModelPrivate@@QEAA@XZ
??0QAbstractListModel@@IEAA@AEAVQAbstractItemModelPrivate@@PEAVQObject@@@Z
??0QAbstractListModel@@QEAA@PEAVQObject@@@Z
??0QAbstractMetaCallEvent@@QEAA@AEBV0@@Z
??0QAbstractMetaCallEvent@@QEAA@PEBVQObject@@HPEAVQSemaphore@@@Z
??0QAbstractNativeEventFilter@@QEAA@XZ
??0QAbstractProxyModel@@IEAA@AEAVQAbstractProxyModelPrivate@@PEAVQObject@@@Z
??0QAbstractProxyModel@@QEAA@PEAVQObject@@@Z
??0QAbstractProxyModelPrivate@@QEAA@XZ
??0QAbstractState@@IEAA@AEAVQAbstractStatePrivate@@PEAVQState@@@Z
??0QAbstractState@@IEAA@PEAVQState@@@Z
??0QAbstractTableModel@@IEAA@AEAVQAbstractItemModelPrivate@@PEAVQObject@@@Z
??0QAbstractTableModel@@QEAA@PEAVQObject@@@Z
??0QAbstractTransition@@IEAA@AEAVQAbstractTransitionPrivate@@PEAVQState@@@Z
??0QAbstractTransition@@QEAA@PEAVQState@@@Z
??0QAbstractTransitionPrivate@@QEAA@XZ
??0QAnimationDriver@@IEAA@AEAVQAnimationDriverPrivate@@PEAVQObject@@@Z
??0QAnimationDriver@@QEAA@PEAVQObject@@@Z
??0QAnimationDriverPrivate@@QEAA@XZ
??0QAnimationGroup@@IEAA@AEAVQAnimationGroupPrivate@@PEAVQObject@@@Z
??0QAnimationGroup@@QEAA@PEAVQObject@@@Z
??0QArrayData@@QEAA@XZ
??0QAssociativeIterable@@QEAA@VQAssociativeIterableImpl@QtMetaTypePrivate@@@Z
??0QBasicMutex@@QEAA@XZ
??0QBasicTimer@@QEAA@$$QEAV0@@Z
??0QBasicTimer@@QEAA@AEBV0@@Z
??0QBasicTimer@@QEAA@XZ
??0QBinaryJsonValue@@AEAA@PEAVMutableData@QBinaryJsonPrivate@@PEAVBase@2@AEBVValue@2@@Z
??0QBinaryJsonValue@@QEAA@$$QEAV0@@Z
??0QBinaryJsonValue@@QEAA@AEBVQBinaryJsonArray@@@Z
??0QBinaryJsonValue@@QEAA@AEBVQBinaryJsonObject@@@Z
??0QBinaryJsonValue@@QEAA@N@Z
??0QBinaryJsonValue@@QEAA@VQString@@@Z
??0QBinaryJsonValue@@QEAA@W4Type@QJsonValue@@@Z
??0QBinaryJsonValue@@QEAA@_N@Z
??0QBitArray@@QEAA@$$QEAV0@@Z
??0QBitArray@@QEAA@AEBV0@@Z
??0QBitArray@@QEAA@H_N@Z
??0QBitArray@@QEAA@XZ
??0QBitRef@@AEAA@AEAVQBitArray@@H@Z
??0QBuffer@@QEAA@PEAVQByteArray@@PEAVQObject@@@Z
??0QBuffer@@QEAA@PEAVQObject@@@Z
??0QByteArray@@QEAA@$$QEAV0@@Z
??0QByteArray@@QEAA@AEBV0@@Z
??0QByteArray@@QEAA@HD@Z
??0QByteArray@@QEAA@HW4Initialization@Qt@@@Z
??0QByteArray@@QEAA@PEBDH@Z
??0QByteArray@@QEAA@UQByteArrayDataPtr@@@Z
??0QByteArray@@QEAA@XZ
??0QByteArrayMatcher@@QEAA@AEBV0@@Z
??0QByteArrayMatcher@@QEAA@AEBVQByteArray@@@Z
??0QByteArrayMatcher@@QEAA@PEBDH@Z
??0QByteArrayMatcher@@QEAA@XZ
??0QByteRef@@AEAA@AEAVQByteArray@@H@Z
??0QCalendar@@QEAA@VQLatin1String@@@Z
??0QCalendar@@QEAA@VQStringView@@@Z
??0QCalendar@@QEAA@W4System@0@@Z
??0QCalendar@@QEAA@XZ
??0QCalendarBackend@@IEAA@AEBVQString@@W4System@QCalendar@@@Z
??0QCalendarBackend@@QEAA@AEBV0@@Z
??0QCborArray@@AEAA@AEAVQCborContainerPrivate@@@Z
??0QCborArray@@QEAA@AEBV0@@Z
??0QCborArray@@QEAA@V?$initializer_list@VQCborValue@@@std@@@Z
??0QCborArray@@QEAA@XZ
??0QCborMap@@AEAA@AEAVQCborContainerPrivate@@@Z
??0QCborMap@@QEAA@AEBV0@@Z
??0QCborMap@@QEAA@V?$initializer_list@U?$QPair@VQCborValue@@V1@@@@std@@@Z
??0QCborMap@@QEAA@XZ
??0QCborStreamReader@@QEAA@AEBVQByteArray@@@Z
??0QCborStreamReader@@QEAA@PEAVQIODevice@@@Z
??0QCborStreamReader@@QEAA@PEBD_J@Z
??0QCborStreamReader@@QEAA@PEBE_J@Z
??0QCborStreamReader@@QEAA@XZ
??0QCborStreamWriter@@QEAA@PEAVQByteArray@@@Z
??0QCborStreamWriter@@QEAA@PEAVQIODevice@@@Z
??0QCborValue@@QEAA@$$QEAV0@@Z
??0QCborValue@@QEAA@$$QEAVQCborArray@@@Z
??0QCborValue@@QEAA@$$QEAVQCborMap@@@Z
??0QCborValue@@QEAA@$$T@Z
??0QCborValue@@QEAA@AEBV0@@Z
??0QCborValue@@QEAA@AEBVQByteArray@@@Z
??0QCborValue@@QEAA@AEBVQCborArray@@@Z
??0QCborValue@@QEAA@AEBVQCborMap@@@Z
??0QCborValue@@QEAA@AEBVQDateTime@@@Z
??0QCborValue@@QEAA@AEBVQRegularExpression@@@Z
??0QCborValue@@QEAA@AEBVQString@@@Z
??0QCborValue@@QEAA@AEBVQUrl@@@Z
??0QCborValue@@QEAA@AEBVQUuid@@@Z
??0QCborValue@@QEAA@H@Z
??0QCborValue@@QEAA@I@Z
??0QCborValue@@QEAA@N@Z
??0QCborValue@@QEAA@PEBD@Z
??0QCborValue@@QEAA@VQLatin1String@@@Z
??0QCborValue@@QEAA@VQStringView@@@Z
??0QCborValue@@QEAA@W4QCborKnownTags@@AEBV0@@Z
??0QCborValue@@QEAA@W4QCborSimpleType@@@Z
??0QCborValue@@QEAA@W4QCborTag@@AEBV0@@Z
??0QCborValue@@QEAA@W4Type@0@@Z
??0QCborValue@@QEAA@XZ
??0QCborValue@@QEAA@_J@Z
??0QCborValue@@QEAA@_N@Z
??0QCborValueRef@@AEAA@PEAVQCborContainerPrivate@@_J@Z
??0QCborValueRef@@AEAA@XZ
??0QChar@@QEAA@D@Z
??0QChar@@QEAA@E@Z
??0QChar@@QEAA@EE@Z
??0QChar@@QEAA@F@Z
??0QChar@@QEAA@G@Z
??0QChar@@QEAA@H@Z
??0QChar@@QEAA@I@Z
??0QChar@@QEAA@UQLatin1Char@@@Z
??0QChar@@QEAA@W4SpecialCharacter@0@@Z
??0QChar@@QEAA@XZ
??0QChar@@QEAA@_S@Z
??0QChar@@QEAA@_W@Z
??0QCharRef@@AEAA@AEAVQString@@H@Z
??0QChildEvent@@QEAA@AEBV0@@Z
??0QChildEvent@@QEAA@W4Type@QEvent@@PEAVQObject@@@Z
??0QCollator@@QEAA@$$QEAV0@@Z
??0QCollator@@QEAA@AEBV0@@Z
??0QCollator@@QEAA@AEBVQLocale@@@Z
??0QCollator@@QEAA@XZ
??0QCollatorSortKey@@IEAA@PEAVQCollatorSortKeyPrivate@@@Z
??0QCollatorSortKey@@QEAA@AEBV0@@Z
??0QCommandLineOption@@QEAA@AEBV0@@Z
??0QCommandLineOption@@QEAA@AEBVQString@@000@Z
??0QCommandLineOption@@QEAA@AEBVQString@@@Z
??0QCommandLineOption@@QEAA@AEBVQStringList@@@Z
??0QCommandLineOption@@QEAA@AEBVQStringList@@AEBVQString@@11@Z
??0QCommandLineParser@@QEAA@XZ
??0QConcatenateTablesProxyModel@@QEAA@PEAVQObject@@@Z
??0QContiguousCacheData@@QEAA@XZ
??0QCoreApplication@@IEAA@AEAVQCoreApplicationPrivate@@@Z
??0QCoreApplication@@QEAA@AEAHPEAPEADH@Z
??0QCoreApplicationPrivate@@QEAA@AEAHPEAPEADI@Z
??0QCryptographicHash@@QEAA@W4Algorithm@0@@Z
??0QDaemonThread@@QEAA@PEAVQObject@@@Z
??0QDataStream@@QEAA@AEBVQByteArray@@@Z
??0QDataStream@@QEAA@PEAVQByteArray@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QDataStream@@QEAA@PEAVQIODevice@@@Z
??0QDataStream@@QEAA@XZ
??0QDate@@AEAA@_J@Z
??0QDate@@QEAA@HHH@Z
??0QDate@@QEAA@HHHVQCalendar@@@Z
??0QDate@@QEAA@XZ
??0QDateTime@@QEAA@$$QEAV0@@Z
??0QDateTime@@QEAA@AEBV0@@Z
??0QDateTime@@QEAA@AEBVQDate@@@Z
??0QDateTime@@QEAA@AEBVQDate@@AEBVQTime@@AEBVQTimeZone@@@Z
??0QDateTime@@QEAA@AEBVQDate@@AEBVQTime@@W4TimeSpec@Qt@@@Z
??0QDateTime@@QEAA@AEBVQDate@@AEBVQTime@@W4TimeSpec@Qt@@H@Z
??0QDateTime@@QEAA@XZ
??0QDateTimeParser@@QEAA@AEBV0@@Z
??0QDateTimeParser@@QEAA@W4Type@QMetaType@@W4Context@0@AEBVQCalendar@@@Z
??0QDeadlineTimer@@QEAA@W4ForeverConstant@0@W4TimerType@Qt@@@Z
??0QDeadlineTimer@@QEAA@W4TimerType@Qt@@@Z
??0QDeadlineTimer@@QEAA@_JW4TimerType@Qt@@@Z
??0QDebug@@QEAA@$$QEAV0@@Z
??0QDebug@@QEAA@AEBV0@@Z
??0QDebug@@QEAA@PEAVQIODevice@@@Z
??0QDebug@@QEAA@PEAVQString@@@Z
??0QDebug@@QEAA@W4QtMsgType@@@Z
??0QDebugStateSaver@@QEAA@AEAVQDebug@@@Z
??0QDeferredDeleteEvent@@QEAA@AEBV0@@Z
??0QDeferredDeleteEvent@@QEAA@XZ
??0QDir@@IEAA@AEAVQDirPrivate@@@Z
??0QDir@@QEAA@AEBV0@@Z
??0QDir@@QEAA@AEBVQString@@0V?$QFlags@W4SortFlag@QDir@@@@V?$QFlags@W4Filter@QDir@@@@@Z
??0QDir@@QEAA@AEBVQString@@@Z
??0QDirIterator@@QEAA@AEBVQDir@@V?$QFlags@W4IteratorFlag@QDirIterator@@@@@Z
??0QDirIterator@@QEAA@AEBVQString@@AEBVQStringList@@V?$QFlags@W4Filter@QDir@@@@V?$QFlags@W4IteratorFlag@QDirIterator@@@@@Z
??0QDirIterator@@QEAA@AEBVQString@@V?$QFlags@W4Filter@QDir@@@@V?$QFlags@W4IteratorFlag@QDirIterator@@@@@Z
??0QDirIterator@@QEAA@AEBVQString@@V?$QFlags@W4IteratorFlag@QDirIterator@@@@@Z
??0QDynamicMetaObjectData@@QEAA@AEBU0@@Z
??0QDynamicMetaObjectData@@QEAA@XZ
??0QDynamicPropertyChangeEvent@@QEAA@AEBV0@@Z
??0QDynamicPropertyChangeEvent@@QEAA@AEBVQByteArray@@@Z
??0QEasingCurve@@QEAA@$$QEAV0@@Z
??0QEasingCurve@@QEAA@AEBV0@@Z
??0QEasingCurve@@QEAA@W4Type@0@@Z
??0QElapsedTimer@@QEAA@XZ
??0QEvent@@QEAA@AEBV0@@Z
??0QEvent@@QEAA@W4Type@0@@Z
??0QEventDispatcherWin32@@IEAA@AEAVQEventDispatcherWin32Private@@PEAVQObject@@@Z
??0QEventDispatcherWin32@@QEAA@PEAVQObject@@@Z
??0QEventDispatcherWin32Private@@QEAA@XZ
??0QEventLoop@@QEAA@PEAVQObject@@@Z
??0QEventLoopLocker@@QEAA@PEAVQEventLoop@@@Z
??0QEventLoopLocker@@QEAA@PEAVQThread@@@Z
??0QEventLoopLocker@@QEAA@XZ
??0QEventTransition@@IEAA@AEAVQEventTransitionPrivate@@PEAVQObject@@W4Type@QEvent@@PEAVQState@@@Z
??0QEventTransition@@IEAA@AEAVQEventTransitionPrivate@@PEAVQState@@@Z
??0QEventTransition@@QEAA@PEAVQObject@@W4Type@QEvent@@PEAVQState@@@Z
??0QEventTransition@@QEAA@PEAVQState@@@Z
??0QEventTransitionPrivate@@QEAA@XZ
??0QException@@QEAA@AEBV0@@Z
??0QException@@QEAA@XZ
??0QFSFileEngine@@IEAA@AEAVQFSFileEnginePrivate@@@Z
??0QFSFileEngine@@QEAA@AEBVQString@@@Z
??0QFSFileEngine@@QEAA@XZ
??0QFactoryInterface@@QEAA@AEBU0@@Z
??0QFactoryInterface@@QEAA@XZ
??0QFactoryLoader@@QEAA@PEBDAEBVQString@@W4CaseSensitivity@Qt@@@Z
??0QFile@@IEAA@AEAVQFilePrivate@@PEAVQObject@@@Z
??0QFile@@QEAA@AEBVQString@@@Z
??0QFile@@QEAA@AEBVQString@@PEAVQObject@@@Z
??0QFile@@QEAA@PEAVQObject@@@Z
??0QFile@@QEAA@XZ
??0QFileDevice@@IEAA@AEAVQFileDevicePrivate@@PEAVQObject@@@Z
??0QFileDevice@@IEAA@PEAVQObject@@@Z
??0QFileDevice@@IEAA@XZ
??0QFileInfo@@QEAA@AEBV0@@Z
??0QFileInfo@@QEAA@AEBVQDir@@AEBVQString@@@Z
??0QFileInfo@@QEAA@AEBVQFile@@@Z
??0QFileInfo@@QEAA@AEBVQString@@@Z
??0QFileInfo@@QEAA@PEAVQFileInfoPrivate@@@Z
??0QFileInfo@@QEAA@XZ
??0QFileSelector@@QEAA@PEAVQObject@@@Z
??0QFileSelectorPrivate@@QEAA@XZ
??0QFileSystemWatcher@@QEAA@AEBVQStringList@@PEAVQObject@@@Z
??0QFileSystemWatcher@@QEAA@PEAVQObject@@@Z
??0QFinalState@@IEAA@AEAVQFinalStatePrivate@@PEAVQState@@@Z
??0QFinalState@@QEAA@PEAVQState@@@Z
??0QFinalStatePrivate@@QEAA@XZ
??0QFutureInterfaceBase@@QEAA@AEBV0@@Z
??0QFutureInterfaceBase@@QEAA@W4State@0@@Z
??0QFutureWatcherBase@@QEAA@PEAVQObject@@@Z
??0QGenericArgument@@QEAA@PEBDPEBX@Z
??0QGenericReturnArgument@@QEAA@PEBDPEAX@Z
??0QGregorianCalendar@@QEAA@$$QEAV0@@Z
??0QGregorianCalendar@@QEAA@AEBV0@@Z
??0QGregorianCalendar@@QEAA@XZ

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4669247ec1a0c97441b6dc330f0fc086

Code Sign

07:e2:ef:84:3d:0d:6f:58:cb:bb:06:e3:e8:b3:d3:20Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

9e:a5:83:0c:d9:76:a8:89:7c:77:41:b1:04:cf:58:e7:3e:89:c9:6b:1f:05:fb:c9:b1:fc:01:ba:5b:8e:fb:e5Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

qt5core

msvcp140

kernel32

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 357KB - Virtual size: 357KB

.rdata Size: 141KB - Virtual size: 141KB

.data Size: 19KB - Virtual size: 20KB

.pdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

af55adcc47d59677486af7558a14bf55

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

bcrypt

kernel32

ole32

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

Exports

Exports

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 8KB - Virtual size: 482KB

.pdata Size: 198KB - Virtual size: 198KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

07:e2:ef:84:3d:0d:6f:58:cb:bb:06:e3:e8:b3:d3:20
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

9e:a5:83:0c:d9:76:a8:89:7c:77:41:b1:04:cf:58:e7:3e:89:c9:6b:1f:05:fb:c9:b1:fc:01:ba:5b:8e:fb:e5
Signer

.text
Size: 357KB - Virtual size: 357KB

.rdata
Size: 141KB - Virtual size: 141KB

.data
Size: 19KB - Virtual size: 20KB

.pdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 8KB - Virtual size: 482KB

.pdata
Size: 198KB - Virtual size: 198KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB