vbc.exe

First submission 2022-05-10 19:58:03

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
File size: 177.9 KB (182165 bytes)
Compile time: 2021-09-25 23:54:49
MD5: c33d399c78bbc6d5f34b50759ce3deda
SHA1: 3b78f12e5f3adf30b758942ae3bc08a3955d6e53
SHA256: 8f55cd87f94613eb7ea5e568c263cc3803378ab422bf31ceb7b7cc166bd9ad77
Import Hash: 61259b55b8912888e90f516ca08dc514
Sections: 5 (.text, .rdata, .data, .ndata, .rsrc)
Directories: 2 (import, resource)
VirusTotal: 27/68
VT report date: 2022-05-10 13:53:58

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://107.172.93.57/222/vbc.exe 107.172.93.57 2022-05-10 19:58:03

PE Sections 1 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x67c4 26624 5426a94b0895fc52d44216598c3d9b67d7c11815 0d301800a1129c1b34c24e9c70a83a2a
.rdata 0x8000 0x139a 5120 dc4f14d019cad6646b38852dfb7370532acafebc 8c5edfd8ff9cc0135e197611be38ca18
.data 0xa000 0x39ebb8 1536 a5cf5c085ab3ed3c0697cf20b2fa14c618052c76 c47ec1a5b78405f05a7f14418434b039
.ndata 0x3a9000 0x10000 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x3b9000 0xa50 3072 40b30a1f6cdb3ed8738dd0a418597f67d3d62071 d79dec7fbf7b676592533742181cc502

PE Resources 4

Name Language Sublanguage Offset Size Data
RT_ICON LANG_ENGLISH SUBLANG_ENGLISH_US 0x3b9190 744
RT_DIALOG LANG_ENGLISH SUBLANG_ENGLISH_US 0x3b9698 96
RT_GROUP_ICON LANG_ENGLISH SUBLANG_ENGLISH_US 0x3b96f8 20
RT_MANIFEST LANG_ENGLISH SUBLANG_ENGLISH_US 0x3b9710 830

Anti debug functions 2

FindWindowExW
GetLastError

Strings analysis - File found

Library
%s%s.dll
ADVAPI32.dll
SHELL32.dll
COMCTL32.dll
ole32.dll
GDI32.dll
USER32.dll
KERNEL32.dll

Strings analysis - Possible URLs found 1

http://nsis.sf.net/NSIS_Error

Import functions
