General

  • Target

    0da522d19d035d24c2d3a37d49c32f1a243204dd

  • Size

    1.3MB

  • MD5

    b403b66e96b05110739e0adeddf94308

  • SHA1

    0da522d19d035d24c2d3a37d49c32f1a243204dd

  • SHA256

    22dbea29370d5073ef25e4c9da06a08e5692e76d047cc5134f949464fa2c8929

  • SHA512

    e387f1e74661e74745136cbaa2aafa3d6fe949d4fff95f886cfd5828e056651f0b822fea1ec95846c5b8b2eeb783786ef883df75f1d2b0fe22ba3897de3bc37c

  • SSDEEP

    24576:mPwlPL8T9KF3VLw7hZR1ot+/DQqFly+UWtq9iK9NPBmKLa8e30N0vJfYF7/:mQP49KFlLQhH1ot+/z9SFP9pmtgJ/

Score
8/10

Malware Config

Signatures

  • VMProtect packed file (1 IoC)

    Detects executables packed with VMProtect commercial packer.

Files

  • 0da522d19d035d24c2d3a37d49c32f1a243204dd
    .zip
  • hyzjzzxbcom/会员终结者3.8.exe
    .exe windows x86

    96625d6422e1ef705d6e925132bb73ce



  • hyzjzzxbcom/绿盟.url
    .url
  • 绿盟.url
    .url