VOMSvcWebInstaller.exe

Sample information


Antivirus detections: 0
IDS alerts: 0
Processes: 2
Http events: 0
Contacted hosts: 0
DNS Requests: 0
Score: 6.3

Current activity of this Sample



Blacklist timeline


First seen: Wed Apr 16 2025 06:30:05 GMT+0000
Last seen: Wed Apr 16 2025 10:00:26 GMT+0000
Period: 4 hours

Hashes
Filename:
VOMSvcWebInstaller.exe
md5:
84e3f4fbd4f3c9ecdf18df5d9b2b72e8
sha1:
ead030821fab1bfd499b80e3d93066dc92d870f6
sha256:
a10e6706383080d444d13901d7c062c199415b284d3ecaa35bf7bd2e687a2916

In depth details
Filetype:
PE32 executable (console) Intel 80386, for MS Windows
Size (Bytes):
4761864
Classification:
malicious (based on one blacklist entry, "Generic Malware" from Hybrid-Analysis; antivirus detections: 0)

Dates
Indexed:
Wed Apr 16 2025 06:20:41 GMT+0000 (3 months ago)
Last modified:
Wed Apr 16 2025 10:00:31 GMT+0000 (3 months ago)

Developers can check API Specification here:


Request:

          
# Fetch this sample's report from the Maltiverse API, addressed by its SHA-256.
# <API_KEY> is a placeholder; avoid pasting a real key where shell history or logs retain it.
curl --header "Authorization: Bearer <API_KEY>" \
     "https://api.maltiverse.com/sample/a10e6706383080d444d13901d7c062c199415b284d3ecaa35bf7bd2e687a2916"
        

Request:

Alternatively, you can query the API from Python 3 (this example uses the requests library):
          
import requests
import json

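# Look up this sample's report by its SHA-256 (the hash shown under "Hashes").
url = 'https://api.maltiverse.com/sample/a10e6706383080d444d13901d7c062c199415b284d3ecaa35bf7bd2e687a2916'

# Send the same bearer token as the curl and PowerShell examples on this page.
# '<API_KEY>' is a placeholder: supply the real key at run time (environment
# variable or secret store) instead of committing it to source.
headers = {'Authorization': 'Bearer <API_KEY>'}

# Without a timeout, requests waits indefinitely on a stalled connection.
response = requests.get(url, headers=headers, timeout=30)

# Fail loudly on 4xx/5xx rather than printing an error body as if it were a report.
response.raise_for_status()

print(json.dumps(response.json(), indent=4, sort_keys=True))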
        

Request:

          
# Query the Maltiverse sample endpoint for this file's SHA-256 and emit the response object.
$url = 'https://api.maltiverse.com/sample/a10e6706383080d444d13901d7c062c199415b284d3ecaa35bf7bd2e687a2916'

# <API_KEY> is a placeholder for the caller's API token.
$apiKey = "<API_KEY>"
$headers = @{ Authorization = "Bearer {0}" -f $apiKey }

$response = Invoke-RestMethod -Uri $url -Headers $headers

# Writing the variable on its own line sends it to the output stream.
$response
        

Response:

      
{
    "blacklist": [
        {
            "count": 1,
            "description": "Generic Malware",
            "first_seen": "2025-04-16 06:30:05",
            "last_seen": "2025-04-16 10:00:26",
            "ref": [
                1
            ],
            "source": "Hybrid-Analysis"
        }
    ],
    "classification": "malicious",
    "creation_time": "2025-04-16 06:20:41",
    "filename": [
        "VOMSvcWebInstaller.exe"
    ],
    "filetype": "PE32 executable (console) Intel 80386, for MS Windows",
    "is_alive": false,
    "is_cdn": false,
    "is_cnc": false,
    "is_distributing_malware": false,
    "is_hosting": false,
    "is_iot_threat": false,
    "is_known_attacker": false,
    "is_known_scanner": false,
    "is_mining_pool": false,
    "is_open_proxy": false,
    "is_phishing": false,
    "is_sinkhole": false,
    "is_storing_phishing": false,
    "is_tor_node": false,
    "is_vpn_node": false,
    "md5": "84e3f4fbd4f3c9ecdf18df5d9b2b72e8",
    "modification_time": "2025-04-16 10:00:31",
    "process_list": [
        {
            "name": "VOMSvcWebInstaller.exe",
            "normalizedpath": "C:\\VOMSvcWebInstaller.exe",
            "sha256": "a10e6706383080d444d13901d7c062c199415b284d3ecaa35bf7bd2e687a2916",
            "uid": "00000000-00003672"
        },
        {
            "name": "VOMSvcWebInstaller.exe",
            "normalizedpath": "C:\\VOMSvcWebInstaller.exe",
            "sha256": "a10e6706383080d444d13901d7c062c199415b284d3ecaa35bf7bd2e687a2916",
            "uid": "00000000-00007756"
        }
    ],
    "score": 6.3,
    "scoring_executed_time": "2025-04-16 10:00:31",
    "sha1": "ead030821fab1bfd499b80e3d93066dc92d870f6",
    "sha256": "a10e6706383080d444d13901d7c062c199415b284d3ecaa35bf7bd2e687a2916",
    "size": 4761864,
    "type": "sample"
}
    
Process list
uid
00000000-00003672
commandline
name
VOMSvcWebInstaller.exe
normalizedpath
C:\VOMSvcWebInstaller.exe
sha256
a10e6706383080d444d13901d7c062c199415b284d3ecaa35bf7bd2e687a2916
uid
00000000-00007756
commandline
name
VOMSvcWebInstaller.exe
normalizedpath
C:\VOMSvcWebInstaller.exe
sha256
a10e6706383080d444d13901d7c062c199415b284d3ecaa35bf7bd2e687a2916