Behavioral task
behavioral1
Sample
46356ce64664820165594ed18ec26a90.exe
Resource
win7-20220812-en
General
-
Target
46356ce64664820165594ed18ec26a90.exe
-
Size
302KB
-
MD5
46356ce64664820165594ed18ec26a90
-
SHA1
4cc931965d09e90eaffca9d3d6e9a3e76a1a4366
-
SHA256
f06f422d7fc0f07d426965ceccf417598eadb7fcacfbe156dd37d3059669ecc0
-
SHA512
e725dd10fc4ee0d9429decb52f7fe79b4f1dab5547f19cef1d323e2dcf836d28edf7d1bbaf4090cd1b5f2a3cabb1840dcb1a94513a5f14899e7eedffda08e7f0
-
SSDEEP
6144:EInpgzEJQ5Jz+ZwRI3iusfICdNOWqlzhjZRPY8yxDziZi4/W:np6ZCwRI3iiCTSlzh1BR2HIW
Malware Config
Signatures
-
Processes:
resource yara_rule sample vmprotect
Files
-
46356ce64664820165594ed18ec26a90.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp0 Size: - Virtual size: 159KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 297KB - Virtual size: 296KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ