vbc.exe,cc6ca7aa77b2ceda2ca930993fd4357e.exe

Sample information


0

Antivirus detections

0

IDS alerts

1

Processes

0

Http events

0

Contacted hosts

1

DNS Requests

    7.5


    Score

Current activity of this Sample


Blacklist timeline


Malicious
84 days since the last reported activity  
No activityreported afterJul 16, 2025Jan 2022Jan 2023Jan 2024Jan 2025Hybrid-AnalysisAbuse.chGeneric MalwareRemcosRAT
Hashes
Filename:
vbc.exe,cc6ca7aa77b2ceda2ca930993fd4357e.exe
md5:
cc6ca7aa77b2ceda2ca930993fd4357e
sha1:
79648f3c579be053a030ccdb791122f95497cf09
sha256:
2eb44403d1de2a792569f63907f746809e3d4e35fccf689c2e637f77df79254c

In depth details
Filetype:
application/x-dosexec
Size (Bytes):
214016
Classification:
malicious

Dates
Indexed:
Fri Sep 03 2021 14:15:14 GMT+0000 (4 years ago)
Last modified:
Wed Jul 16 2025 09:15:18 GMT+0000 (3 months ago)

Tags

Explore our API specification anytime here:
API Specification

Request:

          
curl -H "Authorization: Bearer <API_KEY>" https://api.maltiverse.com/sample/2eb44403d1de2a792569f63907f746809e3d4e35fccf689c2e637f77df79254c

Response:

      
{
    "blacklist": [
        {
            "count": 1,
            "description": "RemcosRAT",
            "first_seen": "2021-09-03 12:47:45",
            "labels": [
                "malicious-activity"
            ],
            "last_seen": "2021-09-03 12:47:45",
            "source": "Abuse.ch"
        },
        {
            "count": 6,
            "description": "Generic Malware",
            "first_seen": "2025-07-16 08:15:03",
            "last_seen": "2025-07-16 09:15:18",
            "ref": [
                21745
            ],
            "source": "Hybrid-Analysis"
        }
    ],
    "classification": "malicious",
    "creation_time": "2021-09-03 14:15:14",
    "dns_request": [
        "img.neko.airforce"
    ],
    "filename": [
        "vbc.exe",
        "cc6ca7aa77b2ceda2ca930993fd4357e.exe"
    ],
    "filetype": "application/x-dosexec",
    "is_alive": false,
    "is_cdn": false,
    "is_cnc": false,
    "is_distributing_malware": false,
    "is_hosting": false,
    "is_iot_threat": false,
    "is_known_attacker": false,
    "is_known_scanner": false,
    "is_mining_pool": false,
    "is_open_proxy": false,
    "is_phishing": false,
    "is_sinkhole": false,
    "is_storing_phishing": false,
    "is_tor_node": false,
    "is_vpn_node": false,
    "md5": "cc6ca7aa77b2ceda2ca930993fd4357e",
    "modification_time": "2025-07-16 09:15:18",
    "process_list": [
        {
            "name": "vbc.exe",
            "normalizedpath": "C:\\vbc.exe",
            "sha256": "2eb44403d1de2a792569f63907f746809e3d4e35fccf689c2e637f77df79254c",
            "uid": "00000000-00003288"
        }
    ],
    "score": 7.5,
    "sha1": "79648f3c579be053a030ccdb791122f95497cf09",
    "sha256": "2eb44403d1de2a792569f63907f746809e3d4e35fccf689c2e637f77df79254c",
    "size": 214016,
    "tag": [
        "ransomware"
    ],
    "type": "sample"
}
Network contacts
DNS Requests
img.neko.airforce
Contacted Hosts
Process list
uid
00000000-00003288
commandline
name
vbc.exe
normalizedpath
C:\vbc.exe
sha256
2eb44403d1de2a792569f63907f746809e3d4e35fccf689c2e637f77df79254c