SecuriteInfo[.]com[.]W32[.]Qhost[.]0CCA[.]tr[.]20922[.]4629[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.W32.Qhost.0CCA.tr.20922.4629.exe
Size

7KB
MD5

18497513475657f40fc01dcbcdd8cbbe
SHA1

354dc82cbf357d3f3d48dff8d474fe4754161270
SHA256

7228a4a0ee6bc15b54085d0acbd352cb4c9d9ff7f6705d2f0db12f0852b44458
SHA512

cc5ec9d43bbcb571214dd9932c59748cfe1a5350ae1d1d5f2237be77082ab009a7c91cb7a38dc80ef27f4f8b3cc8e86801bdde41552b823d93e04d01c7054990
SSDEEP

192:n+xfRq8HebguuREnZXbzNbotbFtZKN8lryb:C3HqsREnZX3Qt02gb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.W32.Qhost.0CCA.tr.20922.4629.exe

Files

SecuriteInfo.com.W32.Qhost.0CCA.tr.20922.4629.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ