Trojan-Proxy[.]Win32[.]Qukart[.]vij-c14639db64b0ddbc07f8d3195702a62d58b455b8bf74b79c0e70b0ca0571aad5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Trojan-Proxy.Win32.Qukart.vij-c14639db64b0ddbc07f8d3195702a62d58b455b8bf74b79c0e70b0ca0571aad5
Size

8.7MB
MD5

24b7e9fb09b8492c5ab8f49b561a8e6a
SHA1

0aea3e1432cbf8cd8b11585299382eb48ba89b97
SHA256

c14639db64b0ddbc07f8d3195702a62d58b455b8bf74b79c0e70b0ca0571aad5
SHA512

43611b98572c5f65ca6b1d91aa3f8049d74328c1efa337a8608781a7be3c7099dcdf33413ddf20befbaa2cf4e1abb10b3c5babe23fe8ab5fbef6d2abac867398
SSDEEP

196608:naSHFaZRBEYyqmS2DiHPKQgwUgUjvho4wzlF65i6YxE+aV:naSHFaZRBEYyqmS2DiHPKQg3jvZwNVOV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Trojan-Proxy.Win32.Qukart.vij-c14639db64b0ddbc07f8d3195702a62d58b455b8bf74b79c0e70b0ca0571aad5

Files

Trojan-Proxy.Win32.Qukart.vij-c14639db64b0ddbc07f8d3195702a62d58b455b8bf74b79c0e70b0ca0571aad5
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jfbbql
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.l1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ