General

  • Target

    YY挂号协议.exe

  • Size

    4.7MB

  • MD5

    765cf453d0cea3719b619e4c55881093

  • SHA1

    060ae0476bbd908d08537c8b6bb24d2ec83d524c

  • SHA256

    3d76cc27be3265077a5c15f2c76848b73148df035b7d3a3d2b9ad77232587cfd

  • SHA512

    2132af60567aaf5c89001c36edd0764ef5e336dd2260d20287953ce2dac4b80c7817d0c0fe410a0d092900181c3d360999f7f2c06b5eba51a2e54821175cec18

  • SSDEEP

    98304:ygvElT54uia2kf5SCyJsAh6wbwPy7kl/CNBIs0lApvWJ:yFT54rHi4H+Ah/bOUkVQY2oJ

Score
7/10

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • YY挂号协议.exe
    .exe windows:4 windows x86 arch:x86

    24755ab954e054d16598eeb0fdaed28a


    Headers

    Imports

    Sections