SHA256: 258b95c3f7a4fb0c599f7a051cf896cc9cdf1bad48257e452479775daa2c0221
File name: qrk.exe
Detection ratio: 0 / 56
Analysis date: 2016-05-09 09:14:48 UTC ( 2 years, 8 months ago )
Antivirus Result Update
Ad-Aware 20160509
AegisLab 20160509
AhnLab-V3 20160508
Alibaba 20160509
ALYac 20160509
Antiy-AVL 20160509
Arcabit 20160509
Avast 20160509
AVG 20160509
Avira (no cloud) 20160508
AVware 20160509
Baidu 20160506
Baidu-International 20160508
BitDefender 20160509
Bkav 20160506
CAT-QuickHeal 20160509
ClamAV 20160508
CMC 20160506
Comodo 20160509
Cyren 20160509
DrWeb 20160509
Emsisoft 20160503
ESET-NOD32 20160509
F-Prot 20160509
F-Secure 20160509
Fortinet 20160509
GData 20160509
Ikarus 20160509
Jiangmin 20160509
K7AntiVirus 20160508
K7GW 20160509
Kaspersky 20160509
Kingsoft 20160509
Malwarebytes 20160509
McAfee 20160509
McAfee-GW-Edition 20160509
Microsoft 20160509
eScan 20160509
NANO-Antivirus 20160509
nProtect 20160504
Panda 20160508
Qihoo-360 20160509
Rising 20160509
Sophos AV 20160509
SUPERAntiSpyware 20160509
Symantec 20160509
Tencent 20160509
TheHacker 20160508
TrendMicro 20160509
TrendMicro-HouseCall 20160509
VBA32 20160505
VIPRE 20160509
ViRobot 20160509
Yandex 20160508
Zillya 20160508
Zoner 20160509
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-05-08 12:42:41
Entry Point 0x000014C0
Number of sections 11
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
RegNotifyChangeKeyValue
CopySid
RegQueryValueExA
RegDeleteKeyW
RegQueryValueExW
RegFlushKey
OpenProcessToken
DeregisterEventSource
RegOpenKeyExW
RegisterEventSourceA
LookupAccountNameW
RegOpenKeyExA
RegEnumValueA
GetTokenInformation
CryptReleaseContext
CryptAcquireContextA
GetUserNameW
IsValidSid
RegQueryInfoKeyW
CryptGenRandom
RegEnumKeyExW
GetLengthSid
RegDeleteValueW
RegSetValueExW
FreeSid
RegEnumValueW
EqualSid
ReportEventA
PrintDlgExW
CertEnumCertificatesInStore
CertCreateCertificateContext
CertGetCertificateContextProperty
CertFreeCertificateContext
CertCloseStore
CertDeleteCertificateFromStore
PFXImportCertStore
CertFindCertificateInStore
CertFreeCertificateChain
CertOpenSystemStoreA
CertGetCertificateChain
SetGraphicsMode
StartDocW
GetCharABCWidthsW
GetCharABCWidthsFloatW
RemoveFontMemResourceEx
CreateFontIndirectW
SetBkMode
GetGlyphOutlineW
CreatePen
GetBkMode
SaveDC
SetTextAlign
EndPath
CombineRgn
GetTextMetricsW
GetBitmapBits
GetDeviceCaps
LineTo
OffsetRgn
DeleteDC
SetWorldTransform
RestoreDC
PolyBezierTo
GetPixelFormat
StretchBlt
EndDoc
StartPage
ChoosePixelFormat
FillPath
CreateDCW
CreateDIBSection
SetTextColor
GetRegionData
GetObjectA
MoveToEx
ExtTextOutW
GetObjectW
GetTextFaceW
DescribePixelFormat
CreateBitmap
BitBlt
EnumFontFamiliesExW
AddFontMemResourceEx
GetStockObject
GetOutlineTextMetricsW
GetDIBits
SetPixelFormat
GdiFlush
SelectClipRgn
CreateCompatibleDC
GetTextExtentPoint32W
RemoveFontResourceExW
SwapBuffers
StrokePath
EndPage
CreateRectRgn
CloseFigure
DeleteObject
SetPolyFillMode
AddFontResourceExW
CreateSolidBrush
ExtCreatePen
SelectObject
GetFontData
ResetDCW
BeginPath
AbortDoc
CreateCompatibleBitmap
SelectClipPath
ImmGetVirtualKey
ImmSetCompositionWindow
ImmGetDefaultIMEWnd
ImmNotifyIME
ImmGetContext
ImmSetCandidateWindow
ImmReleaseContext
ImmGetCompositionStringW
ImmAssociateContext
GetStdHandle
GetDriveTypeW
ReleaseMutex
FileTimeToSystemTime
GetComputerNameA
GetFileAttributesA
SetEvent
FindFirstFileW
HeapDestroy
GetFileAttributesW
lstrcmpW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
MoveFileW
GetLocaleInfoA
LocalAlloc
UnhandledExceptionFilter
IsValidLanguageGroup
OpenFileMappingA
SetErrorMode
VerifyVersionInfoW
GetLogicalDrives
FreeEnvironmentStringsW
GetLocaleInfoW
IsDBCSLeadByteEx
GetTempPathA
CheckRemoteDebuggerPresent
WideCharToMultiByte
GetOverlappedResult
GetDiskFreeSpaceW
GetTempPathW
WaitForSingleObject
GetSystemTimeAsFileTime
EnumResourceLanguagesA
GetThreadTimes
GetDiskFreeSpaceA
GetThreadPriority
GetFullPathNameA
GetExitCodeProcess
LocalFree
FormatMessageW
ConnectNamedPipe
GetTimeZoneInformation
OutputDebugStringW
FindClose
TlsGetValue
FormatMessageA
GetFullPathNameW
OutputDebugStringA
VirtualQuery
GetEnvironmentVariableW
SetLastError
GetUserDefaultUILanguage
GetSystemTime
DeviceIoControl
InitializeCriticalSection
CopyFileW
GetUserDefaultLangID
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
ExitProcess
GetVersionExA
GetModuleFileNameA
FlushViewOfFile
LoadLibraryA
VerSetConditionMask
WakeConditionVariable
EnumSystemLocalesA
LoadLibraryExA
SetThreadPriority
InitializeConditionVariable
GetVolumeInformationW
MultiByteToWideChar
SystemTimeToTzSpecificLocalTime
SetFilePointerEx
FindNextChangeNotification
SetFilePointer
LockFileEx
CreateThread
SetEnvironmentVariableW
MoveFileExW
GetSystemDirectoryW
DisconnectNamedPipe
SetNamedPipeHandleState
CreateSemaphoreW
CreateMutexW
GetFileInformationByHandle
GetSystemDirectoryA
SetHandleInformation
WaitForMultipleObjectsEx
GlobalMemoryStatus
FindCloseChangeNotification
SetUnhandledExceptionFilter
GetVersion
SetCurrentDirectoryW
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
SleepEx
CloseHandle
AreFileApisANSI
HeapFree
EnterCriticalSection
PeekNamedPipe
TerminateThread
LoadLibraryW
OpenThread
GetVersionExW
FreeLibrary
QueryPerformanceCounter
ReadConsoleInputA
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
GetModuleHandleW
WaitForSingleObjectEx
GlobalSize
GetStartupInfoA
UnlockFile
GetWindowsDirectoryW
GetFileSize
OpenProcess
DeleteFileA
GetWindowsDirectoryA
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetSystemInfo
GetProcessHeap
CreateFileMappingW
CompareStringW
GetFileSizeEx
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
WaitNamedPipeA
HeapValidate
ResetEvent
SleepConditionVariableCS
CreateFileMappingA
FindNextFileA
IsValidLocale
DuplicateHandle
FindFirstFileExW
GetUserDefaultLCID
GetProcessAffinityMask
CreateEventW
CreateFileW
GetConsoleWindow
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
GetCurrencyFormatW
LeaveCriticalSection
GetNativeSystemInfo
GetLastError
SystemTimeToFileTime
GetShortPathNameW
UnmapViewOfFile
CreateNamedPipeW
GlobalFree
GetConsoleCP
ResumeThread
HeapReAlloc
GetTimeFormatW
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
GetUserGeoID
FindFirstChangeNotificationW
GetQueuedCompletionStatus
LockFile
SwitchToThread
GetCurrentDirectoryW
GetCurrentProcessId
CreateIoCompletionPort
GetCommandLineW
GetCPInfoExA
HeapSize
InterlockedCompareExchange
CancelIo
GetCurrentThread
QueryPerformanceFrequency
ReleaseSemaphore
MapViewOfFile
TlsFree
GetModuleHandleA
HeapCompact
ReadFile
FindFirstFileA
PeekConsoleInputA
UnlockFileEx
GetACP
GlobalLock
GetGeoInfoW
GetFileAttributesExW
GetLongPathNameW
IsValidCodePage
HeapCreate
WriteFile
PostQueuedCompletionStatus
CreateProcessW
WaitForMultipleObjects
Sleep
TerminateProcess
GetFileAttributesExA
OpenEventA
SQLExecute
SQLTablesW
SQLGetInfoW
SQLSpecialColumnsW
SQLEndTran
SQLNumResultCols
SQLRowCount
SQLGetFunctions
SQLPrimaryKeysW
SQLColAttributeW
SQLFetchScroll
SQLPrepareW
SQLSetStmtAttrW
SQLGetTypeInfoW
SQLGetDiagRecW
SQLCloseCursor
SQLGetData
SQLAllocHandle
SQLSetConnectAttrW
SQLFetch
SQLFreeHandle
SQLGetStmtAttrW
SQLExecDirectW
SQLDriverConnectW
SQLSetEnvAttr
SQLColumnsW
SQLDisconnect
SQLDescribeColW
SQLMoreResults
SQLBindParameter
VariantInit
SysAllocStringLen
glCopyTexSubImage2D
glFlush
glTexSubImage2D
glClearColor
glDisable
glStencilMask
glPolygonOffset
glDepthFunc
glHint
glBindTexture
glDrawArrays
glTexImage2D
glCullFace
glGetString
glEnable
glClear
glTexParameterfv
glLineWidth
glFinish
glIsEnabled
glStencilOp
glReadPixels
glClearDepth
glDrawElements
glBlendFunc
glDeleteTextures
glViewport
glCopyTexImage2D
glGetError
glTexParameteriv
glGetTexParameteriv
glClearStencil
glDepthMask
glGetFloatv
glDepthRange
glTexParameterf
glIsTexture
glGenTextures
glTexParameteri
glFrontFace
glStencilFunc
glColorMask
glGetIntegerv
glScissor
glGetBooleanv
glPixelStorei
glGetTexParameterfv
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetPathFromIDListA
SHGetSpecialFolderPathW
SHGetMalloc
CommandLineToArgvW
GetUserNameExW
CompleteAuthToken
AcquireCredentialsHandleA
DeleteSecurityContext
FreeContextBuffer
InitializeSecurityContextW
FreeCredentialsHandle
GetForegroundWindow
SetWindowRgn
TrackMouseEvent
SetWindowPos
IsWindow
EndPaint
SetMenuItemInfoW
GetDC
DestroyCursor
GetCursorPos
ChildWindowFromPointEx
GetMenu
TranslateMessage
UnregisterClassW
GetClassInfoW
ToAscii
SetCaretPos
CallNextHookEx
GetSysColor
LoadImageW
GetWindowTextW
DestroyWindow
GetUserObjectInformationW
GetParent
GetCursorInfo
EnumWindows
CreateCaret
ShowWindow
FlashWindowEx
EnumDisplayMonitors
PeekMessageW
SetWindowPlacement
GetClipboardFormatNameW
PeekMessageA
SetParent
DestroyCaret
CreateCursor
CharNextExA
GetIconInfo
GetQueueStatus
RegisterClassW
IsZoomed
GetWindowPlacement
SetWindowLongW
GetKeyboardLayoutList
IsIconic
TrackPopupMenuEx
SetTimer
GetKeyboardLayout
GetSysColorBrush
CreateWindowExW
GetWindowLongW
GetUpdateRect
IsChild
SetFocus
RegisterWindowMessageW
GetMonitorInfoW
SetCapture
BeginPaint
DefWindowProcW
KillTimer
MapVirtualKeyW
SetClipboardViewer
GetSystemMetrics
EnableMenuItem
GetWindowRect
PostMessageA
ReleaseCapture
GetMessageExtraInfo
GetProcessWindowStation
ToUnicode
DrawIconEx
SetWindowTextW
GetSystemMenu
ClientToScreen
PostMessageW
GetKeyboardState
PostThreadMessageW
GetDesktopWindow
SetWindowsHookExW
LoadCursorW
LoadIconW
DispatchMessageW
SetForegroundWindow
NotifyWinEvent
GetAsyncKeyState
GetCaretBlinkTime
ReleaseDC
HideCaret
CreateIconIndirect
GetCapture
ScreenToClient
MessageBeep
GetWindowThreadProcessId
MessageBoxW
SendMessageW
RegisterClassExW
UnhookWindowsHookEx
MoveWindow
MessageBoxA
ChangeClipboardChain
AdjustWindowRectEx
MsgWaitForMultipleObjectsEx
RegisterClipboardFormatW
GetKeyState
GetDoubleClickTime
DestroyIcon
RealGetWindowClassW
IsWindowVisible
SetCursorPos
SystemParametersInfoW
InvalidateRect
GetClientRect
GetCursor
GetFocus
GetAncestor
SetCursor
PlaySoundW
timeGetTime
DeviceCapabilitiesW
DocumentPropertiesW
GetDefaultPrinterW
EnumPrintersW
GetPrinterW
ClosePrinter
OpenPrinterW
getaddrinfo
htonl
WSAConnect
WSARecvFrom
WSARecv
accept
WSACreateEvent
WSAStartup
freeaddrinfo
recv
WSASocketW
getsockname
htons
getnameinfo
WSAGetLastError
gethostname
getsockopt
WSAAccept
WSAEnumProtocolsA
WSACloseEvent
WSAHtons
ntohl
inet_addr
WSASend
getservbyport
ioctlsocket
WSAHtonl
select
gethostbyaddr
listen
WSANtohl
__WSAFDIsSet
shutdown
WSAAsyncSelect
WSACleanup
gethostbyname
ntohs
WSASetLastError
WSAEventSelect
closesocket
WSAIoctl
WSANtohs
setsockopt
WSASetEvent
socket
getpeername
bind
WSASendTo
WSAEnumNetworkEvents
inet_ntoa
sendto
getservbyname
send
connect
__lconv_init
wcsftime
fseek
fclose
_snwprintf
strtoul
fflush
fsetpos
_fmode
strtol
__initenv
wcscmp
strtok
fwrite
_environ
frexp
mktime
_fstat64
_wrmdir
ungetwc
_wstat
isspace
_close
strcat_s
iswctype
_timezone
wcscoll
rewind
_wunlink
wcsncmp
_pipe
_umask
_wfopen
_write
_clearfp
memcpy
strstr
memmove
signal
_chdir
remove
__dllonexit
_get_osfhandle
freopen
_initterm
strcmp
memchr
strncmp
_kbhit
fgetc
memset
abort
strcat
_stricmp
_setmode
fgets
_wspawnvpe
__pioinfo
strchr
asin
_wputenv
_wfreopen
clock
fgetpos
_getpid
_unlock
ftell
exit
sprintf
asctime
strrchr
_acmdln
strcspn
fputc
ferror
gmtime
free
ungetc
_getdrive
__getmainargs
strlen
_stat
_lseeki64
_vsnprintf
putchar
puts
_read
_wopen
wcsxfrm
_findfirst
strcpy
fputwc
__mb_cur_max
islower
_getch
isupper
strftime
_fstati64
rand
_wspawnv
_putenv
setlocale
realloc
_getcwd
strxfrm
__doserrno
_open_osfhandle
fwprintf
isprint
_lseek
_setjmp3
toupper
printf
fopen
_vsnwprintf
strncpy
_cexit
raise
isalnum
fputs
_unlink
qsort
_tzset
_open
_onexit
wcslen
isalpha
_snprintf
putc
memcmp
__setusermatherr
log10
srand
_fdopen
wcschr
tmpnam
getenv
_stati64
atoi
vfprintf
atol
atof
strcoll
fscanf
_tzname
localeconv
_findnext
strerror
wcscpy
_beginthreadex
_strnicmp
putwc
localtime
vsprintf
isxdigit
malloc
sscanf
ldiv
acos
fread
_wspawnve
_waccess
_wchdir
fprintf
getwc
_wspawnvp
tan
ispunct
feof
_endthreadex
_amsg_exit
_wremove
_control87
_chsize
_cputs
_lock
_wutime
_findclose
_strdup
towlower
_fileno
wcsrchr
bsearch
strncat
longjmp
tolower
atan
_fullpath
_dup2
_wcreat
strpbrk
calloc
_exit
towupper
__argv
_wmkdir
wcstombs
_errno
iscntrl
_filelengthi64
__argc
_wchmod
time
wcsstr
_wgetdcwd
_iob
getc
setvbuf
__set_app_type
OleUninitialize
CoUninitialize
CoInitialize
OleFlushClipboard
CoLockObjectExternal
ReleaseStgMedium
CoCreateGuid
RegisterDragDrop
CoCreateInstance
DoDragDrop
RevokeDragDrop
OleSetClipboard
CoGetMalloc
OleGetClipboard
OleIsCurrentClipboard
CoTaskMemFree
OleInitialize
PE exports
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2016:05:08 13:42:41+01:00
FileType Win32 EXE
PEType PE32
CodeSize 20096512
LinkerVersion 2.25
EntryPoint 0x14c0
InitializedDataSize 30712832
SubsystemVersion 4.0
ImageVersion 1.0
OSVersion 4.0
UninitializedDataSize 416768

File identification
MD5 014041652d830c1c7f71975d5f6135bb
SHA1 32d57c38397bcd2e4f376f9b1164dbdbfc5c9fda
SHA256 258b95c3f7a4fb0c599f7a051cf896cc9cdf1bad48257e452479775daa2c0221
ssdeep 393216:O/pVPfjlbUz8xldEeQpQAsNqIsLzpbtMKTqmz2j9Swq0opGJsv6tWKFdu9C:ofQ8jdEAN8tMrH

authentihash e634a2f8651d1c92768e0b59d213ff1eea3be46252347f3f96297139dcc9c515
imphash 5bda64745105ebcf18e63d259d95a190
File size 29.3 MB ( 30713856 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe

VirusTotal metadata
First submission 2016-05-09 09:14:48 UTC ( 2 years, 8 months ago )
Last submission 2016-05-09 09:14:48 UTC ( 2 years, 8 months ago )
File names qrk.exe