QzHDM.exe
First submission 2022-07-20 07:23:02
File details
| File type: | PE32 executable (GUI) Intel 80386, for MS Windows |
| File type: | 177.0 KB (181248 bytes) |
| Compile time: | 2013-12-23 09:25:40 |
| MD5: | 28abad5ccdbb803d75dcb36f2a5b41b5 |
| SHA1: | b5cdce07b6b03dc6966887d6f6431ce99d9bc718 |
| SHA256: | 2218130c9581e160a609db084ef0ee73524a9742459742f0b38e25c0374d5a95 |
| Sections 1 | .text��� |
| Virus Total: | 53/71 VT report date: 2022-07-30 00:16:21 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
URLs, FQDN and IP indicators 7
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://193.233.179.125/aTTSP.exe  |
193.233.179.125 |
2022-07-20 07:23:02 |
| hXXp://102.37.220.234/htdocs/oREFB.exe |
102.37.220.234 |
2022-07-21 13:36:07 |
| hXXp://102.37.220.234/htdocs/pJGJj.exe |
102.37.220.234 |
2022-07-26 18:20:07 |
| hXXp://102.37.220.234/htdocs/KaKzM.exe |
102.37.220.234 |
2022-07-26 18:25:07 |
| hXXp://102.37.220.234/htdocs/xEPYe.exe |
102.37.220.234 |
2022-07-26 19:44:07 |
| hXXp://102.37.220.234/htdocs/TpPsE.exe |
102.37.220.234 |
2022-07-26 21:34:08 |
| hXXp://109.206.241.81/htdocs/QzHDM.exe |
109.206.241.81 |
2022-08-02 19:55:06 |
PE Sections 1 suspicious
| Name | VAddress | VSize | Size | SHA1 | MD5 | Suspicious |
|---|---|---|---|---|---|---|
| .text��� | 0x1000 | 0x2b0fc | 176640 | 47d163a9f8fcc1f11d8162bf334dc00f119d1ac7 | e77869a1ea491c8a7c975df5204d18b9 |
Packers detected 1
| Borland Delphi 3.0 (???) |
Anti debug functions 1
| VMCheck.dll |