General

  • Target

    6bb1021eebd7375d2080fdc50364ee112fb99c57fad69ff2b7619330d2b86f34

  • Size

    2.6MB

  • MD5

    27e5fd6b179cc604a92ad40a401f4aec

  • SHA1

    f8a7cd307bb1acfa2ed83d2c9d511bc2891b4332

  • SHA256

    6bb1021eebd7375d2080fdc50364ee112fb99c57fad69ff2b7619330d2b86f34

  • SHA512

    99a2c3a5696751ca1936f2333ac4eca1c3c614b8371dab9c6cf65f0c7fbdc7f2ffb19342cd2b22e99fd4e35ca6a048f4d6494ae2bcecbed639c23fc0a76d28d8

  • SSDEEP

    49152:vCwaz70YMUaqZTbeSAmshGCOljXu0rTuEysKob19dFuAw+W7SCbcZM:nq0mLZBV+GCORXxTuEF/b1/s7ue

Score
10/10

Signatures

  • Detects executables (downlaoders) containing URLs to raw contents of a paste 1 IoCs
  • Detects executables Discord URL observed in first stage droppers 1 IoCs
  • Detects executables manipulated with Fody 1 IoCs
  • Detects executables packed with VMProtect. 1 IoCs
  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6bb1021eebd7375d2080fdc50364ee112fb99c57fad69ff2b7619330d2b86f34
    .exe windows:4 windows x64 arch:x64

