Static task
static1
Behavioral task
behavioral1
Sample
vnshell.app_-_BOOTICEx64.exe___c8dd28f1135c11861eb7d93b7a931433.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
vnshell.app_-_BOOTICEx64.exe___c8dd28f1135c11861eb7d93b7a931433.exe
Resource
win10v2004-20220414-en
General
-
Target
vnshell.app_-_BOOTICEx64.exe___c8dd28f1135c11861eb7d93b7a931433.dat
-
Size
450KB
-
MD5
c8dd28f1135c11861eb7d93b7a931433
-
SHA1
a59038260c47467a8ba32fe1053ea64193c0fc20
-
SHA256
708ca37f627961e44b9e64515ac0d162c54d6b87a627ade0ef05ba419cc2d509
-
SHA512
c23e5dd48874878ae23fc7506b895dcad5947e2af6997a0eae4f283185fe7b2dd58ab7bb5defd556044365aac44772cd290c1a0b04574915ffc36eb5563a8d11
-
SSDEEP
12288:R0kCWtPxzeyb9v/XPL/KeLSkZQMlal/1:2kCWtpbpzKeJlAlN
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx
Files
-
vnshell.app_-_BOOTICEx64.exe___c8dd28f1135c11861eb7d93b7a931433.dat.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 896KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 412KB - Virtual size: 412KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 37KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE