uqc.exe

First submission 2024-02-04 18:22:08

File details

File type: PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
Mime type: application/x-dosexec
File size: 21.0 KB (21504 bytes)
Compile time: 2023-11-28 03:39:14
MD5: 19be3a58e362b68ea242f1e57b7dd22c
SHA1: 352dd884449e83ac998cdffdc6b2ad4fddd85133
SHA256: 994a565e24e6c054c66389da829438e4b20479a2907cfc2efd01a7823f3150ef
Import Hash: 7aa038e9c65b0fe66bbc2775d7dfe42f
Sections: 10 (.text, .data, .rdata, .pdata, .xdata, .bss, .idata, .CRT, .tls, .rsrc)
Directories: 3 (import, resource, tls)

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://47.99.151.68:1302/uqc.exe 47.99.151.68 2024-02-04 18:22:09

PE Sections 3 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x21b8 8704 1421f900a0c9bd75efec67898272dcbca91732c7 40d95c59c3c1f1ab0593ac97a6eeea22
.data 0x4000 0xd0 512 650ae875b0ecc6000030ec3a18ffa8a668c8f042 067be9471eef41fb769e9da4bf0f899f
.rdata 0x5000 0xfa0 4096 b124e6831fafadd059a4a4d12153d5ee1c198a1d fab3d6994d41d9fe5b35494d1693c6dd
.pdata 0x6000 0x270 1024 3347aff52dcd0e10a6fe51d7b922a8c3d54cefb3 61d7ed9b16d1080ebb2bf17fd8d09888
.xdata 0x7000 0x214 1024 9b3279ffb462b44c3a01a8ffcd2f936b2354a0a4 0b93ef3618a8f0fe81e0653a997937df
.bss 0x8000 0x980 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.idata 0x9000 0x824 2560 c65d2b35a93394f8831844546010569100003776 04ee1796c592a2a31177a9ac9be3a6ed
.CRT 0xa000 0x68 512 b01c24f9be460360062485e9844d3138e681dede 9bfc3ce75d719d8226de2d46adaf713d
.tls 0xb000 0x10 512 5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5 bf619eac0cdf3f68d496ea9344137e8b
.rsrc 0xc000 0x4e8 1536 89ae0eacdebfc43deab4cb09c7e84d7f266fdec0 302acf3589069dafe3806c6220e3778b

PE Resources 1

Name Language Sublanguage Offset Size Data
RT_MANIFEST LANG_NEUTRAL SUBLANG_NEUTRAL 0xc058 1167

Packers detected 1

Microsoft Visual C++ 8.0 (DLL)

Anti debug functions 3

GetLastError
TerminateProcess
UnhandledExceptionFilter

Strings analysis - File found

Library
KERNEL32.dll
MSVCRT.dll

Import functions

Name Latest seen MD5
gzz.exe 2024-02-04 18:28:23 7d9c852903de2a824aa3f80dd1ab2b89