General
-
Target
8a470899a6ebb2299b54da55ad3897d2.bin
-
Size
2.6MB
-
MD5
22a0824dd5214f6f4c0da07d861fde25
-
SHA1
32502884c2e91ff18c6ff917f8a43a24d83631d9
-
SHA256
82a6400e6297ce6dc3f791c98291e7273ec94487172b06d553cbd89287abcc13
-
SHA512
17f0ad3d04bae780bc78aaea260235009914f6c5d0ba3e4ef511de93db19ace8abbeabd6fd856fc3698eda58c8e9d7e52c20702050138ad5bf3dfb24e6c91571
-
SSDEEP
49152:u5vXjc253Q/47FVZJ9hPwzI0o1BAbuN7YS6OY5CCz1pOze79i6S7RJ4Qxr:u5bc2/7XZ1PwMj1WSCdOY5Dp0U9iBdWA
Score
10/10
Malware Config
Signatures
-
WSHRAT payload 1 IoCs
-
Wshrat family
-
VMProtect packed file 1 IoCs
Detects executables packed with VMProtect commercial packer.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
8a470899a6ebb2299b54da55ad3897d2.bin
Password: infected
-
7e160f885fe15d7f5b67e3d321c1bd8240a63bb80c8156f604829f0cbadba313.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections