GqRNW.exe

First submission 2022-08-02 21:04:01

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows
File type: 172.5 KB (176640 bytes)
Compile time: 2009-11-23 02:07:10
MD5: d1107ccdb6f648484eee8a1497546c9a
SHA1: e7c835553774139946bcabc1ee2a1c2b257222f9
SHA256: 0c637353bd7aab247ab18869806c7c8e19e057c6af88a1936b0fcc644737a8ea
Sections 1 .text
Virus Total: 40/71 VT report date: 2022-08-02 00:53:34

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://109.206.241.81/htdocs/GqRNW.exe VirusTotal Report 109.206.241.81 VirusTotal Report 2022-08-02 21:04:01

PE Sections 1 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x29e74 172032 3ef366f44e3d567fdb6701bacf2a3a90ff4f2c2d ed2173bcc9104227d1d7ab1d3e011cc4

Packers detected 1

Borland Delphi 3.0 (???)

Anti debug functions 1

VMCheck.dll