home

vkbot.exe

VkBot

VkBot Team

This is a setup program which is used to install the application. The file has been seen being downloaded from vkbot.ru and multiple other hosts.
Publisher:
VkBot Team

Product:
VkBot

Description:
bot for vk.com

Version:
3.6.6.0

MD5:
77324bb142baf9a407eb0f2489f719c2

SHA-1:
0a5f76f9ffb83497e3875f9b4d4552eb60f7dbb7

SHA-256:
9191f446ad15e9f7499735314ad51f805ecb50960d988646b7ac41ce7bcc3d6a

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/16/2024 7:40:15 PM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM17.0.Malware.Gen
1.0.0.1015

File size:
620.3 KB (635,162 bytes)

Product version:
3.6.6.0

Copyright:
© 2009 - 2015

Original file name:
VkBot

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
4/3/2014 6:47:00 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:oSPNL6pW1SJwpRhswsL2aNQvJHgPJEB9orDP7095LQlngfLL0UJI9D:oSVLyWoypT2bQvJAxEU7yLQlngfqp

Entry address:
0x86080

Entry point:
B8, 00, CC, 63, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 8F, FA, AB, DB, BA, 45, 5C, 90, BD, 10, EE, 56, DA, 4E, E1, 39, 79, 49, 2B, FA, 9D, 6C, 96, 61, 95, FE, 70, F3, E8, 5D, 92, 06, 1A, 5B, 5F, 64, 43, 39, FE, F9, A2, 59, 93, A2, 98, 09, 47, 3A, 5C, C8, EF, A9, 4E, 23, 5E, 70, 1D, 5D, 55, 69, 63, 72, E0, 0C, B2, C6, 3A, 5B, 7A, 2D, 34, 7D, BA, 9D, 0B, 4C, 72, E6, 01, 37, 32, 59, 39, AB, 9C, A5, E3, EB, 58, 6A, 13, B7, AA...
 
[+]

Packer / compiler:
PECompact v2

Code size:
587 KB (601,088 bytes)

The file vkbot.exe has been seen being distributed by the following 2 URLs.

https://vkbot.ru/dl.php?v=1c13139d7911ea9d9edcd43564e3bd4c

https://vkbot.ru/dl.php?v=0dd3bf1de93651bcb265d1e6681caf93

Scan vkbot.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.