Overview

overview

7

Static

static

3

VCRHyb64.exe

windows11-21h2-x64

7

$PLUGINSDI...SC.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$TEMP/VCRe...86.exe

windows11-21h2-x64

7

$TEMP/VCRe...86.exe

windows11-21h2-x64

7

$TEMP/VCRe...ng.exe

windows11-21h2-x64

7

$TEMP/VCRe...86.exe

windows11-21h2-x64

7

$TEMP/VCRe...ng.exe

windows11-21h2-x64

7

$TEMP/VCRe...ng.exe

windows11-21h2-x64

7

$TEMP/VCRe...86.exe

windows11-21h2-x64

7

$TEMP/VCRe...ng.exe

windows11-21h2-x64

7

$TEMP/VCRe...86.exe

windows11-21h2-x64

7

$TEMP/nsi....lp.exe

windows11-21h2-x64

7

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDI...gs.dll

windows11-21h2-x64

3

$TEMP/nsi....86.exe

windows11-21h2-x64

7

$TEMP/nsi....ng.exe

windows11-21h2-x64

7

$TEMP/nsi....86.exe

windows11-21h2-x64

7

$TEMP/nsi....ng.exe

windows11-21h2-x64

7

$TEMP/nsi....86.exe

windows11-21h2-x64

7

$TEMP/nsi....ng.exe

windows11-21h2-x64

7

$TEMP/nsi....86.exe

windows11-21h2-x64

7

$TEMP/nsi....ng.exe

windows11-21h2-x64

7

$TEMP/nsi....86.exe

windows11-21h2-x64

7

$TEMP/nsi....ng.exe

windows11-21h2-x64

7

$TEMP/nsi....86.exe

windows11-21h2-x64

7

$TEMP/nsi....ng.exe

windows11-21h2-x64

7

$TEMP/nsi....86.exe

windows11-21h2-x64

7

$TEMP/nsi....ng.exe

windows11-21h2-x64

7

$TEMP/nsi....86.exe

windows11-21h2-x64

7

$TEMP/nsi....ng.exe

windows11-21h2-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    VCRHyb64.exe

  • Size

    42.4MB

  • MD5

    28d6c4e4f28a1d9a18fcb1ae541a1aaa

  • SHA1

    f041514be3583e6436f1bb5dd3ab8b6dc05a8d77

  • SHA256

    3b3c98faf1cda10819ef24b2eff6c27ade74fbb738e4d670468d30a7c2bfb138

  • SHA512

    40d1834523d2fbd9e98ea43059c6e2cbc42a3f467f41e2e1421f54eb5abb3d66eb40293f62380fba536efba97806dc1e97856a57fe62425435f53cf2b6d4b1a3

  • SSDEEP

    786432:Dd3f8XXy+p8B3mGqHbRspRBxCCUzwaoJMHUHJcGO0pCubnITsYmqUtMB2MCeXv:Dxfmy+iKbOhxCFL9208CEIYYfUzHK

Score
3/10

Malware Config

Signatures

  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • VCRHyb64.exe
    .exe windows:4 windows x86 arch:x86

    7a8b0b921c3470f5a30cf8b5703d979a


    Headers

    Imports

    Sections

  • $PLUGINSDIR/SimpleSC.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    f2ac1ab587d5531d5f1bf76c094aef4c


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $TEMP/VCRedist/VCRedist_2012_x86/11.0.61030.0/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/VCRedist/VCRedist_2012_x86_False/11.0.51106.1/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/VCRedist/VCRedist_2012_x86_False/11.0.51106.1/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/VCRedist/VCRedist_2012_x86_False/11.0.60610.1/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/VCRedist/VCRedist_2012_x86_False/11.0.60610.1/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/VCRedist/VCRedist_2012_x86_False/11.0.61030.0/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/VCRedist/VCRedist_2012_x86_False_v/11.0.50727.1/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    eb257a9922a0035fdadd26180094e33e


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/VCRedist/VCRedist_2012_x86_False_v/11.0.50727.1/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    eb257a9922a0035fdadd26180094e33e


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/VCRedist/VCRedist_2013_x86_False/12.0.30501.0/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    dcbe94b8cc54b8e53867c61cc96811d6


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp/Help.exe
    .exe windows:5 windows x86 arch:x86

    be41bf7b8cc010b614bd36bbca606973


    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $TEMP/nsi.tmp1/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    eb257a9922a0035fdadd26180094e33e


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp1/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    eb257a9922a0035fdadd26180094e33e


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp2/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    eb257a9922a0035fdadd26180094e33e


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp2/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    eb257a9922a0035fdadd26180094e33e


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp3/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp3/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp4/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp4/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp5/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp5/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp6/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp6/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp7/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp7/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp8/vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/nsi.tmp8/vcredist_x86_eng.exe
    .exe windows:5 windows x86 arch:x86

    33c6db41ca15b47cfcec52de6c2ab2b7


    Code Sign

    Headers

    Imports

    Sections