Behavioral task: behavioral1
Sample: c6d38c04cc8c4975536492e2489b66fb2db2431a764d5ef0328a6c75e832e7d7.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: c6d38c04cc8c4975536492e2489b66fb2db2431a764d5ef0328a6c75e832e7d7.exe
Resource: win10v2004-20220812-en
General
- Target: c6d38c04cc8c4975536492e2489b66fb2db2431a764d5ef0328a6c75e832e7d7
- Size: 147KB
- MD5: f2f1433b1d3763a197fc1c0e360c3af6
- SHA1: c6c9e41ed8c68f000daedf3a417a3aa1190d6fe3
- SHA256: c6d38c04cc8c4975536492e2489b66fb2db2431a764d5ef0328a6c75e832e7d7
- SHA512: e17945039188403f676382e356202aa3692fbe4226f449ce563c81ae02183b57b6c4d44c8058e1d7a5b5063700f83b87b04505fcffd93aeca457dd6922de7a03
- SSDEEP: 3072:H9LoefTpsVkHO8vVQQADHQGqGeZ59ZqLdIbnLZ0wKW2aHw7DQfg5aNtjDNAfoC2+:dLLfOQbvVmcRZTZqkLZa0UaNxV
Malware Config
Signatures
- resource: sample
  yara_rule: vmprotect
Files
- c6d38c04cc8c4975536492e2489b66fb2db2431a764d5ef0328a6c75e832e7d7.exe (windows, x86)
17ee5c16a1d81a00d3dc975124d3382b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
SHStrDupA
PathRemoveFileSpecA
AssocQueryStringW
SHRegOpenUSKeyA
PathIsURLA
StrSpnA
SHDeleteEmptyKeyA
SHGetValueW
StrStrIA
UrlApplySchemeA
SHRegGetBoolUSValueA
StrRStrIW
PathBuildRootA
StrCSpnA
PathMatchSpecW
PathStripToRootA
PathIsPrefixA
StrToIntExA
PathUnmakeSystemFolderA
PathIsSameRootW
SHRegDeleteUSValueA
AssocQueryStringByKeyA
ChrCmpIA
PathFindFileNameA
PathUnquoteSpacesA
advapi32
SetSecurityDescriptorDacl
GetMultipleTrusteeOperationA
BuildExplicitAccessWithNameA
RegOpenKeyExW
SetServiceStatus
GetSidSubAuthorityCount
FreeSid
SetAclInformation
DeleteAce
GetNamedSecurityInfoExA
ConvertSecurityDescriptorToAccessA
RegDeleteKeyA
LookupPrivilegeValueA
InitializeAcl
GetServiceDisplayNameW
RegQueryMultipleValuesW
GetSecurityDescriptorDacl
GetTrusteeTypeW
kernel32
ReadConsoleA
LocalUnlock
GetNumberOfConsoleInputEvents
GlobalFindAtomA
GetVersionExA
CreateEventW
WriteConsoleInputA
SetConsoleScreenBufferSize
GetFullPathNameW
GetTimeZoneInformation
SetComputerNameW
EnumDateFormatsExA
GetConsoleTitleW
Heap32ListFirst
GetHandleInformation
GlobalSize
DisconnectNamedPipe
DeleteAtom
GetPrivateProfileStructA
GlobalDeleteAtom
SetProcessPriorityBoost
CreateConsoleScreenBuffer
LCMapStringW
GetLocalTime
GlobalGetAtomNameA
lstrlenA
lstrcmpi
GetProcessShutdownParameters
SetConsoleCursorPosition
ConvertThreadToFiber
CreateMailslotW
TlsAlloc
lstrlen
lstrcpy
Thread32Next
SystemTimeToFileTime
CreateSemaphoreA
GetPrivateProfileSectionA
GetProcessTimes
GetLocaleInfoA
GetDiskFreeSpaceExA
ReadConsoleOutputW
FindFirstFileExW
FatalExit
FatalAppExitW
CancelWaitableTimer
WritePrivateProfileStructA
GetEnvironmentVariableA
WriteConsoleOutputAttribute
GetPrivateProfileIntW
GetStartupInfoW
CreateFileA
GetProcAddress
GetFileAttributesW
GetDateFormatW
GetQueuedCompletionStatus
GetTempPathA
GetFileAttributesExW
SetUnhandledExceptionFilter
LockFile
GetConsoleOutputCP
FormatMessageA
ExpandEnvironmentStringsW
GetShortPathNameW
LocalReAlloc
EnumSystemLocalesW
GetPrivateProfileStringW
FreeConsole
FreeEnvironmentStringsW
GlobalUnlock
GetProcessVersion
WritePrivateProfileSectionA
SetNamedPipeHandleState
FatalAppExitA
CancelIo
LoadResource
GetCurrentDirectoryA
GlobalAddAtomW
SetLastError
FindAtomW
LocalFileTimeToFileTime
GlobalFree
CreateFiber
GetThreadTimes
VirtualQuery
MapViewOfFile
LoadLibraryW
GetSystemPowerStatus
EnumResourceLanguagesA
GetShortPathNameA
LoadLibraryExW
GetDriveTypeA
SetComputerNameA
CopyFileExA
EnumResourceLanguagesW
ReleaseMutex
UnlockFileEx
GetBinaryTypeA
GetAtomNameA
SetConsoleWindowInfo
OpenSemaphoreW
CompareStringW
GlobalAlloc
GetComputerNameA
InitAtomTable
TlsGetValue
GetVolumeInformationW
VirtualProtect
RequestWakeupLatency
GetCalendarInfoA
CloseHandle
OpenSemaphoreA
GetFileSize
SetTimeZoneInformation
OpenWaitableTimerW
GetUserDefaultLangID
UnlockFile
WaitForSingleObjectEx
FindClose
GetEnvironmentStrings
GetFileAttributesExA
GetEnvironmentVariableW
OpenFile
GetOEMCP
SwitchToThread
SetVolumeLabelW
ReadConsoleOutputAttribute
GetDiskFreeSpaceA
lstrcpyW
CreateProcessW
VirtualAlloc
LockResource
SleepEx
SwitchToFiber
WriteConsoleA
ReadConsoleOutputCharacterA
GetBinaryTypeW
SetLocaleInfoW
OpenWaitableTimerA
GetStringTypeA
VirtualFree
EnumResourceNamesW
GetPrivateProfileStructW
GetConsoleMode
WaitNamedPipeW
AddAtomA
ReadConsoleOutputA
CreateProcessA
ReadConsoleInputA
HeapUnlock
VirtualProtectEx
GetSystemInfo
CreateNamedPipeA
DeleteFileA
GetThreadSelectorEntry
SetFileAttributesA
CopyFileExW
QueryPerformanceCounter
FindFirstFileA
GetNumberFormatW
EnumResourceTypesA
GetCompressedFileSizeA
Heap32Next
SetConsoleMode
ReadDirectoryChangesW
GetStartupInfoA
RequestDeviceWakeup
GetNumberOfConsoleMouseButtons
FindResourceW
GetACP
IsBadCodePtr
SetEnvironmentVariableW
FreeResource
CreateFileMappingW
AddAtomW
SetEndOfFile
GenerateConsoleCtrlEvent
GetThreadLocale
CompareStringA
DeleteFileW
IsValidCodePage
QueryDosDeviceA
WriteProcessMemory
GetAtomNameW
SetLocaleInfoA
GetProfileIntA
GetFileTime
LoadLibraryA
GetCurrentProcessId
SizeofResource
ReadConsoleInputW
HeapWalk
IsBadWritePtr
SetProcessAffinityMask
lstrcmpA
OpenFileMappingW
SetConsoleCursorInfo
EnumTimeFormatsA
lstrcpyA
CreateThread
ReadConsoleOutputCharacterW
GetConsoleCP
GetCPInfo
WritePrivateProfileStringA
ExitProcess
GetVersion
WaitForSingleObject
ExpandEnvironmentStringsA
GetPrivateProfileIntA
Module32First
FileTimeToLocalFileTime
FlushConsoleInputBuffer
GlobalReAlloc
GetConsoleCursorInfo
RtlFillMemory
SetMessageWaitingIndicator
MoveFileExW
FillConsoleOutputCharacterA
FindResourceExW
LocalFree
GetModuleFileNameA
FreeEnvironmentStringsA
SetEnvironmentVariableA
SetFileAttributesW
GetSystemTime
HeapDestroy
SetEvent
HeapValidate
GetCurrencyFormatW
lstrcpynW
FileTimeToSystemTime
FindAtomA
GetDriveTypeW
CreatePipe
GetFileInformationByHandle
UnhandledExceptionFilter
LocalFlags
GetSystemDirectoryA
lstrcmpiW
SetThreadIdealProcessor
GetExitCodeProcess
FlushFileBuffers
FlushViewOfFile
QueryPerformanceFrequency
GetEnvironmentStringsA
lstrlenW
IsValidLocale
SetThreadAffinityMask
ResetEvent
FoldStringW
SetProcessShutdownParameters
GlobalMemoryStatus
GetSystemDefaultLangID
GetWindowsDirectoryW
lstrcpynA
WriteFile
CopyFileW
SetThreadLocale
CreateWaitableTimerA
DosDateTimeToFileTime
GetCurrentProcess
SetVolumeLabelA
GetWriteWatch
SetThreadExecutionState
GetDevicePowerState
EnumDateFormatsExW
GetPrivateProfileSectionNamesA
Beep
GetStringTypeExA
InitializeCriticalSectionAndSpinCount
CreateDirectoryW
SetMailslotInfo
GetCurrentThread
SignalObjectAndWait
TerminateThread
MulDiv
GlobalLock
HeapLock
FindNextFileA
GetTickCount
OpenEventA
IsBadStringPtrW
ReadFile
FillConsoleOutputAttribute
lstrcatW
FoldStringA
IsProcessorFeaturePresent
GetEnvironmentStringsW
GetNamedPipeInfo
ConvertDefaultLocale
VirtualFreeEx
FindFirstFileW
HeapCreate
CreateMailslotA
GetOverlappedResult
WaitForMultipleObjectsEx
GlobalCompact
GetCompressedFileSizeW
GetProfileStringW
SetLocalTime
GetFullPathNameA
GetNamedPipeHandleStateW
DuplicateHandle
GlobalAddAtomA
WaitForMultipleObjects
OpenMutexW
GetThreadContext
MultiByteToWideChar
TransactNamedPipe
EnumDateFormatsA
SetConsoleTextAttribute
IsBadHugeWritePtr
ReadConsoleW
IsBadHugeReadPtr
EnumCalendarInfoExA
RemoveDirectoryW
GetPrivateProfileSectionW
FillConsoleOutputCharacterW
GetPrivateProfileSectionNamesW
GetLogicalDrives
LCMapStringA
LocalAlloc
EnumSystemLocalesA
UnmapViewOfFile
GetModuleFileNameW
lstrcmp
Thread32First
GetConsoleScreenBufferInfo
WriteFileGather
PulseEvent
IsBadStringPtrA
WriteConsoleOutputA
SetConsoleTitleA
GetCurrentThreadId
PeekConsoleInputW
GetNumberFormatA
GetDateFormatA
WriteConsoleInputW
UpdateResourceA
WriteFileEx
GetDiskFreeSpaceExW
DeleteFiber
CreateFileMappingA
GetStringTypeW
SetFilePointer
GetMailslotInfo
GetProcessPriorityBoost
ScrollConsoleScreenBufferA
lstrcatA
GetCurrencyFormatA
EnumSystemCodePagesA
SetConsoleTitleW
TlsSetValue
GetSystemDefaultLCID
GetBinaryType
FileTimeToDosDateTime
GetLogicalDriveStringsA
GetVersionExW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
user32
BlockInput
TranslateAcceleratorA
GetMessageA
InvertRect
GetScrollRange
CreateWindowExA
SubtractRect
InternalGetWindowText
ClipCursor
GrayStringW
GetClassInfoW
GetSysColor
GetTabbedTextExtentW
CreateIconFromResource
CountClipboardFormats
LoadAcceleratorsW
SetCursor
SendMessageTimeoutA
ShowCaret
SendMessageCallbackW
EnumDisplaySettingsW
SendInput
GetDesktopWindow
ReplyMessage
GetSystemMenu
DdeNameService
ClientToScreen
DdeCreateStringHandleA
OemToCharW
UnloadKeyboardLayout
OpenWindowStationW
SetParent
HideCaret
DdeQueryStringA
CopyImage
CharUpperA
GetDialogBaseUnits
WaitForInputIdle
InsertMenuW
EndDialog
SetDlgItemTextW
GetDCEx
OffsetRect
PeekMessageW
DrawAnimatedRects
GetWindowContextHelpId
DefFrameProcA
WINNLSGetEnableStatus
GetKeyNameTextA
DrawIconEx
CreateAcceleratorTableW
DdeReconnect
GetWindowTextLengthW
GetActiveWindow
GetMenuItemCount
MessageBoxIndirectA
DestroyMenu
CharLowerW
UpdateWindow
TileWindows
EnumWindowStationsW
GetMessageExtraInfo
GetMenuStringA
ToUnicode
FlashWindow
EnumPropsExA
EmptyClipboard
GetKeyNameTextW
DrawMenuBar
GetKBCodePage
DialogBoxParamW
RemovePropA
GetWindowModuleFileNameA
OpenDesktopW
UnregisterClassA
IsMenu
CreateDesktopW
GetAsyncKeyState
InvalidateRect
InvalidateRgn
WINNLSGetIMEHotkey
SendMessageCallbackA
IsRectEmpty
OpenIcon
RegisterDeviceNotificationA
InsertMenuItemW
GetMonitorInfoW
EnumWindowStationsA
ScreenToClient
CreateWindowStationW
GetNextDlgGroupItem
DefMDIChildProcW
GetMessagePos
GetKeyboardLayoutNameW
SetMenuDefaultItem
GetMessageW
GetKeyboardType
IsCharAlphaNumericW
GetForegroundWindow
LoadImageA
GetListBoxInfo
DdeInitializeW
EnumClipboardFormats
IsCharAlphaA
DdeKeepStringHandle
DrawTextExW
GetOpenClipboardWindow
GetWindow
GetGUIThreadInfo
GetSystemMetrics
BroadcastSystemMessage
SetClipboardViewer
SetKeyboardState
MessageBoxA
GetMessageTime
SetThreadDesktop
LoadAcceleratorsA
ToAsciiEx
IsDialogMessageA
GetScrollInfo
GetProcessWindowStation
RegisterClipboardFormatW
GetSubMenu
CloseClipboard
RegisterWindowMessageW
CharNextA
HiliteMenuItem
ToUnicodeEx
CharUpperW
SetMenu
ChangeMenuW
GetClipCursor
WindowFromDC
FillRect
CreateIcon
GetUserObjectSecurity
SetWindowRgn
CreateDialogParamA
SetFocus
TranslateAcceleratorW
EnumPropsA
FindWindowA
EnumDisplayDevicesA
GetCursor
CopyAcceleratorTableW
GetWindowTextW
CreateMDIWindowW
GetKeyboardLayoutNameA
SetPropA
IsDialogMessageW
SetTimer
CascadeWindows
SetWindowLongA
AnimateWindow
SetMessageQueue
GetNextDlgTabItem
CharPrevW
CreateDialogIndirectParamA
ScrollDC
DrawFocusRect
BringWindowToTop
SwitchDesktop
ChangeClipboardChain
SetRect
IsDialogMessage
RealChildWindowFromPoint
SetRectEmpty
GetDC
GetClipboardFormatNameW
BeginPaint
GetMenuItemInfoA
CharNextExA
DlgDirSelectExA
GetParent
EnableMenuItem
GetMenuItemRect
SetWindowContextHelpId
IsCharAlphaNumericA
DdeAbandonTransaction
MapWindowPoints
CreateIconFromResourceEx
VkKeyScanExA
GetTitleBarInfo
CheckRadioButton
SetProcessDefaultLayout
IsDlgButtonChecked
SetPropW
DdePostAdvise
GetClassInfoA
DdeDisconnectList
DlgDirListW
PostQuitMessage
CreateMenu
SendNotifyMessageA
GetDlgCtrlID
DdeQueryNextServer
SetUserObjectInformationW
CreatePopupMenu
MoveWindow
MapVirtualKeyW
RegisterClassExA
SetClassWord
CharToOemBuffA
ChildWindowFromPointEx
GetUpdateRect
SendIMEMessageExA
EnumDisplayMonitors
CheckMenuItem
GetKeyState
CreateWindowExW
CheckDlgButton
NotifyWinEvent
EndDeferWindowPos
GetQueueStatus
AppendMenuW
GetWindowInfo
DefFrameProcW
GetWindowPlacement
MenuItemFromPoint
DdeInitializeA
TrackPopupMenu
GetDoubleClickTime
CloseDesktop
SendDlgItemMessageA
LoadIconW
MessageBoxExW
IsZoomed
LoadCursorFromFileA
SetShellWindow
UnregisterDeviceNotification
VkKeyScanW
DlgDirSelectComboBoxExA
IsCharUpperA
RegisterHotKey
GetMenuInfo
GetMenuContextHelpId
ShowWindowAsync
GetUserObjectInformationA
GetWindowThreadProcessId
GetClassLongA
SetUserObjectInformationA
ImpersonateDdeClientWindow
GetKeyboardLayoutList
EndMenu
CheckMenuRadioItem
EqualRect
UnpackDDElParam
EnumDesktopsW
GetClassInfoExA
CreateDesktopA
DestroyCursor
SetDoubleClickTime
GetThreadDesktop
TranslateAccelerator
SendDlgItemMessageW
GetWindowDC
GetShellWindow
GetGuiResources
LoadStringW
KillTimer
LockWindowUpdate
ChangeDisplaySettingsA
GetComboBoxInfo
SetWindowTextA
ExcludeUpdateRgn
GetCursorPos
IsClipboardFormatAvailable
DdeFreeStringHandle
DrawFrame
RegisterDeviceNotificationW
IsChild
GetCursorInfo
PostMessageW
GetCaretPos
GetWindowModuleFileNameW
RemovePropW
DestroyCaret
DefDlgProcA
DdeFreeDataHandle
DlgDirListComboBoxW
SetLastErrorEx
GetClipboardData
GrayStringA
CharPrevExA
DdeConnect
CharToOemW
CharToOemBuffW
WaitMessage
DdeConnectList
DlgDirSelectExW
GetUpdateRgn
DlgDirSelectComboBoxExW
EnumPropsExW
WinHelpA
LoadMenuW
GetWindowLongA
CharPrevA
CharLowerA
GetClipboardOwner
OemToCharA
LoadMenuIndirectA
DdeDisconnect
DdeUnaccessData
SetMenuInfo
IsCharLowerA
SendMessageW
CallMsgFilter
RealGetWindowClass
GetLastActivePopup
EnumDesktopsA
GetMenuCheckMarkDimensions
DefMDIChildProcA
GetAltTabInfo
AppendMenuA
ScrollWindow
UnionRect
GetPropA
RegisterWindowMessageA
WindowFromPoint
RedrawWindow
GetKeyboardLayout
ShowOwnedPopups
DdeSetQualityOfService
DdeGetData
DdeEnableCallback
WinHelpW
MapVirtualKeyExW
GetUserObjectInformationW
GetWindowTextA
ExitWindowsEx
InflateRect
IntersectRect
GetMenuStringW
VkKeyScanA
GetMenuItemInfoW
BeginDeferWindowPos
DlgDirListA
DrawTextA
GetMenuItemID
VkKeyScanExW
MessageBeep
LoadStringA
SetWindowPos
EnumWindows
SetProcessWindowStation
DrawEdge
SetActiveWindow
SetScrollPos
DrawCaption
ShowCursor
OemToCharBuffW
EnumChildWindows
OpenInputDesktop
GetClipboardFormatNameA
CreateDialogParamW
UnregisterHotKey
PaintDesktop
SystemParametersInfoW
MessageBoxIndirectW
SwitchToThisWindow
CopyAcceleratorTableA
IsWindowVisible
CreateWindowStationA
TranslateMessage
RegisterClassA
TabbedTextOutW
SetSystemCursor
SetScrollRange
DdeCmpStringHandles
SetScrollInfo
WINNLSEnableIME
FindWindowW
LoadBitmapW
RemoveMenu
SetWindowPlacement
DdeAccessData
InSendMessage
MapVirtualKeyExA
EnumPropsW
GetProcessDefaultLayout
GetClassInfoExW
SystemParametersInfoA
MonitorFromPoint
SetWindowLongW
TabbedTextOutA
DrawStateW
IsWindowUnicode
LoadBitmapA
SetMenuContextHelpId
SendMessageTimeoutW
DrawStateA
ChangeMenuA
ArrangeIconicWindows
ole32
GetHookInterface
GetHGlobalFromStream
Sections
.text Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
.vmp1 Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE