Overview

overview

10

Static

static

8

44ad0656ef...d0.dll

windows7_x64

6

44ad0656ef...d0.dll

windows10_x64

6

63e28585c6...1b.exe

windows7_x64

8

63e28585c6...1b.exe

windows10_x64

8

77d426d73e...f7.exe

windows7_x64

10

77d426d73e...f7.exe

windows10_x64

10

7b79f71dab...a8.exe

windows7_x64

8

7b79f71dab...a8.exe

windows10_x64

8

95cff1b536...b3.exe

windows7_x64

10

95cff1b536...b3.exe

windows10_x64

10

c2ed23b08d...6c.exe

windows7_x64

8

c2ed23b08d...6c.exe

windows10_x64

8

d10a043f50...fd.exe

windows7_x64

10

d10a043f50...fd.exe

windows10_x64

10

e265a0c4cb...ed.exe

windows7_x64

7

e265a0c4cb...ed.exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aaa.zip

  • Size

    4.1MB

  • MD5

    d33b55d5c3377fe8204f96d9c1d1b1cf

  • SHA1

    e4a87c5f33b9583a2226c3d1c70a5e03559318af

  • SHA256

    a46de7b1eb5d6bd50182eebb1822b4535f3018136cd98af27ae6c462583a2267

  • SHA512

    678ffb46def52e89dcafc2d29981a3adc0a0f90554716517511ae773db229aed0f78b62e75c3662a6a34ac6588fd0083536149f04a630a764b6787dbf9794ce3

Score
8/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect

Files

  • aaa.zip
    .zip .ps1

    Password: haha

  • 44ad0656ef0e7e356ad7a37992d81bb2832fd6f7d420a9502627a77c43f8f8d0
    .dll windows x64 regsvr32


    Exports

  • 63e28585c6bf3c79b7f7c8c53533f3e0500ced3535ab1d6ffabb294a932c281b
    .exe windows x86


  • 77d426d73e3aeef4eb5f1ccf5e3815f52af9c4d6b86d43cc5533548a0ab764f7
    .exe windows x86


  • 7b79f71dab448bf9fb7e6686894fbb342bacdfe6e058a0d0efbf3453fa366da8
    .exe windows x86


  • 95cff1b536234f6cb1b3682bf4d88a3b4583710450652a9d928f67149f1208b3
    .exe windows x86


  • c2ed23b08dc766bf925748880bbf70a63516caba3f8646418bca231488708d6c
    .exe windows x86


  • d10a043f50b47c93c7bdd522d777d62b6034134605449465c2cd3e66958be4fd
    .exe windows x86


  • e265a0c4cb17501c0c96d3b9c996c27a6cb3479d20802c90ed9535d8e31075ed
    .exe windows x86