vbc.exe

First submission 2022-07-30 14:36:31

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows
File type: 3723.48 KB (3812844 bytes)
Compile time: 2018-09-03 11:26:52
MD5: 1a587935a78727709ea6efc820e0232a
SHA1: ff876d08323c1e5dd33f0a793b760d537dcc5a13
SHA256: 7b1b7d7b105ae262e391dd08e669a3f82b46b00df40730e893071c6998eef878
Sections 5 .text .data .vomiy .tls .rsrc
Directories 5 import resource debug tls security
Virus Total:

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://3.104.223.22/240/vbc.exe VirusTotal Report 3.104.223.22 VirusTotal Report 2022-07-30 14:36:31

PE Sections 1 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x675284 6771712 8f3f3e54463ee9879e132bda185f65ba54c4d473 a22f90a7e16d0c28f8da6eb99e255274
.data 0x677000 0x2bac 3584 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.vomiy 0x67a000 0x24 512 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.tls 0x67b000 0x9 512 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x67c000 0x1f9d0 129536 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e

File signature

MD5 SHA1 Block size Virtual Address
d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 5008 6906880

Strings analysis - File found

Library
WUSER32.DLL
KERNEL32.dll
mscoree.dll
MSIMG32.dll