| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | SECOH-QAD.exe |
| File Type: | PE32+ executable (GUI) x86-64, for MS Windows |
| SHA1: | 66c72019eafa41bbf3e708cc3824c7c4447bdab6 |
| MD5: | 38de5b216c33833af710e88f7f64fc98 |
| First Seen Date: | 2015-08-31 04:56:27.460000 ( ) |
| Number of Clients Seen: | 628 |
| Last Analysis Date: | 2023-03-20 21:59:13.844647 ( ) |
| Human Expert Analysis Date: | 2018-10-24 14:39:07.838886 ( ) |
| Human Expert Analysis Result: | PUA |
| Property | Value |
|---|---|
| magic literal enum | 4 |
| file type enum | 7 |
| debug artifacts | [] |
| number of sections | 4 |
| trid | [] |
| compilation time stamp | 0x52E2A76B [Fri Jan 24 17:48:27 2014 UTC] |
| entry point | 0x140001000 (.text) |
| machine type | AMD64 only, not Itaniums, with 0200 - 64 bit |
| file size | 4608 |
| ssdeep | |
| sha256 | 9896a6fcb9bb5ac1ec5297b4a65be3f647589adf7c37b45f3f7466decd6a4a7f |
| exifinfo | [] |
| mime type | application/x-dosexec |
| imphash |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| .text | 0x1000 | 0x3ff | 0x400 | 5.707653344 | 2087ce3b7f5940a3e4cdbca11c9815df |
| .rdata | 0x2000 | 0x530 | 0x600 | 3.83424840523 | 9fdfb5d778dd18b4fb57ebb90e9e681a |
| .pdata | 0x3000 | 0x30 | 0x200 | 0.428564979938 | 63f90834bf508c3c466106a0fd9df225 |
| .rsrc | 0x4000 | 0x1e0 | 0x200 | 4.70150325825 | 8d096de51d16180d98ba04bad2632f19 |
{u'lang': u'LANG_ENGLISH', u'name': u'RT_MANIFEST', u'offset': 16480, u'sha256': u'4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df', u'type': u'XML 1.0 document text', u'size': 381}