QzHDM.exe

First submission 2022-07-20 07:23:02

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 177.0 KB (181248 bytes)
Compile time: 2013-12-23 09:25:40
MD5: 28abad5ccdbb803d75dcb36f2a5b41b5
SHA1: b5cdce07b6b03dc6966887d6f6431ce99d9bc718
SHA256: 2218130c9581e160a609db084ef0ee73524a9742459742f0b38e25c0374d5a95
Sections 1 .text
Virus Total: 53/71 VT report date: 2022-07-30 00:16:21

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 7


PE Sections 1 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x2b0fc 176640 47d163a9f8fcc1f11d8162bf334dc00f119d1ac7 e77869a1ea491c8a7c975df5204d18b9

Packers detected 1

Borland Delphi 3.0 (???)

Anti debug functions 1

VMCheck.dll