home

vkbot_pro.exe

VkBot

VkBot Team

This is a setup program which is used to install the application. The file has been seen being downloaded from vkbot.ru.
Publisher:
VkBot Team

Product:
VkBot

Description:
bot for vk.com

Version:
3.0.1.0

MD5:
f292fe3d86e837c74ebd481d49fbfa94

SHA-1:
8b27843c445d45fb31c8d40fcdac9f315b47a756

SHA-256:
1c071ff27ab3ce6f671e6d1e3e16489fc2e560fa6ee3563adb608ec53026914f

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 5:29:43 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAutoA
1.3.0.4959

Dr.Web
Threat.Undefined
9.0.1.05190

Trend Micro House Call
Suspicious_GEN.F47V0707
7.2.279

File size:
640.8 KB (656,138 bytes)

Product version:
3.0.1.0

Copyright:
© 2009 - 2014

Original file name:
VkBot

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\vkbot_pro.exe

File PE Metadata
Compilation timestamp:
10/9/2013 2:04:13 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:IhOAvtv0wkqybS/+pqYL/noYGo1ZRRF1OpOz56bCI53XTz3UtjCBZ5qmmY9eEymy:Wv0RbSs/noY1/91OMsXTz3UhCZnq

Entry address:
0x87800

Entry point:
B8, F0, 1B, 65, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, BD, F8, 3E, 5D, E4, 1F, DB, 76, F3, E9, 76, 8C, 44, 9F, 50, C9, 5D, DC, F9, 3A, E6, AA, 78, B3, 5D, 7A, 27, 49, 16, 89, 13, C9, 05, 33, C3, 32, FE, 6F, 73, FB, 2C, 14, 40, E3, 6F, 91, 80, 83, EE, C1, 84, 35, 83, B7, 40, 1F, 42, 03, 02, 2A, 23, C4, 38, 7D, 72, EA, 77, 3E, 3B, CF, F0, 44, E1, 44, 07, 86, F5, 3E, E1, 20, E9, 8E, F9, FC, CC, B2, 27, ED, 48, 5D, EC, 97, 44...
 
[+]

Packer / compiler:
PECompact v2

Code size:
593 KB (607,232 bytes)

The file vkbot_pro.exe has been seen being distributed by the following URL.

http://vkbot.ru/.../?act=down&r=2.5.3

Scan vkbot_pro.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.