General

  • Target

    2096-0-0x0000000000400000-0x0000000000D3E000-memory.dmp

  • Size

    9.2MB

  • MD5

    bc4315ab148f2a61016b83140629e561

  • SHA1

    009b21e532b8fb0e656e0dae859a69a13e3397f9

  • SHA256

    d2246adbe1f96fdadfffe2770e705ad5cf4d8303c4cbda7293946a28c9bf0fa9

  • SHA512

    3398814a41b792ab33380129b62e2b9075f6c8cf29e36c7dc5b1556cc3a9230e5374583e97944367f5aada26bec7670b8fed5afbd2df145f812cbb937d2f72e0

  • SSDEEP

    196608:oazVXPXnEqU2ZfWCQSdY4+QOrjpRhzBL0K9H05dCQwM:oqV/XnEeZdKpRhNjH05d/w

Score
10/10

Signatures

  • Darkcomet family
  • VMProtect packed file (1 IoC)

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2096-0-0x0000000000400000-0x0000000000D3E000-memory.dmp
    .exe windows:5 windows x86

