vbc.exe
First submission 2022-07-30 14:36:31
File details
| File type: | PE32 executable (GUI) Intel 80386, for MS Windows |
| File type: | 3723.48 KB (3812844 bytes) |
| Compile time: | 2018-09-03 11:26:52 |
| MD5: | 1a587935a78727709ea6efc820e0232a |
| SHA1: | ff876d08323c1e5dd33f0a793b760d537dcc5a13 |
| SHA256: | 7b1b7d7b105ae262e391dd08e669a3f82b46b00df40730e893071c6998eef878 |
| Sections 5 | .text��� .data��� .vomiy�� .tls���� .rsrc��� |
| Directories 5 | import resource debug tls security |
| Virus Total: |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://3.104.223.22/240/vbc.exe  |
3.104.223.22 |
2022-07-30 14:36:31 |
PE Sections 1 suspicious
| Name | VAddress | VSize | Size | SHA1 | MD5 | Suspicious |
|---|---|---|---|---|---|---|
| .text��� | 0x1000 | 0x675284 | 6771712 | 8f3f3e54463ee9879e132bda185f65ba54c4d473 | a22f90a7e16d0c28f8da6eb99e255274 | |
| .data��� | 0x677000 | 0x2bac | 3584 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
| .vomiy�� | 0x67a000 | 0x24 | 512 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
| .tls���� | 0x67b000 | 0x9 | 512 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
| .rsrc��� | 0x67c000 | 0x1f9d0 | 129536 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e |
File signature
| MD5 | SHA1 | Block size | Virtual Address |
|---|---|---|---|
| d41d8cd98f00b204e9800998ecf8427e | da39a3ee5e6b4b0d3255bfef95601890afd80709 | 5008 | 6906880 |
Strings analysis - File found
| Library |
| WUSER32.DLL |
| KERNEL32.dll |
| mscoree.dll |
| MSIMG32.dll |