General

  • Target

    SIR456789.7z

  • Size

    4.9MB

  • MD5

    456992e7240468608d46742bd28be123

  • SHA1

    cbbdae16d887fecb7d984b3c3a370f76f423e874

  • SHA256

    4ed812a7bbb4b1d5fa0044bb17f8cf5ddfd526fd5216b7658f88ebaad2751e19

  • SHA512

    7c2c1ebd75f5eb4ad44f03fbdd08895a447f95ea68f08f047e3bf14a4293e680c7d6fb25eb82744176e094829efa695ff4cad461778d70db35affe6951f7c9df

  • SSDEEP

    98304:m3+7Her8Smlyi8zhSrgrpuNmCE1BwJQgXHip1cNcYYxNwmK15:nOBmlyiZPwCE4JQg3m1cNexi15

Score
7/10

Malware Config

Signatures

  • VMProtect packed file (1 IoC)

    Detects executables packed with VMProtect commercial packer.

Files

  • SIR456789.7z
    .7z

    Password: infected

  • rook.exe
    .exe windows x64

    Password: infected

    775f9faaae07b00bba9f11f0542ae8fa

