ab56a0377247c8ec009724000f03be2e7e0cf96d20e2ceec18280be58038fdfc

Sharing

Copy URL Twitter E-mail

General

Target

ab56a0377247c8ec009724000f03be2e7e0cf96d20e2ceec18280be58038fdfc
Size

2.7MB
MD5

b9d16b6e01f9167b1a88d9b2e0c69e3c
SHA1

4b2366a3b058ff1585ee5202d64e290071089512
SHA256

ab56a0377247c8ec009724000f03be2e7e0cf96d20e2ceec18280be58038fdfc
SHA512

541d3e3a9948e860e901c80917c1730d4c761f05c926f6589dc0c4ad48581aeab7e2382ef8e07e0a2a2e7dfe5abdf694b934de8a4f1dd03d6d3c91c1a1876616
SSDEEP

49152:+JuJ6xFxKAclI1PF6vD7gdtZ5snETbYPeLluYlqRuAwnvh4:+4MxDuO1kD7g5sUbhPqRJwnvh4

Score

8^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Files

ab56a0377247c8ec009724000f03be2e7e0cf96d20e2ceec18280be58038fdfc
.exe windows x86

e9c5609a8530300342adb83be376514d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

7ȋ��٣�#��k`w]s&

볟�jϗ*u��i��׮��5��ti��q,#��ɔ:am)v��x��̈́�njda*��*o�ĵm#�mqlc�� z��?d>�n��ӹ��n۰�wwe� iqt�=��o\��a�霓j��n>f�6�
볟�jϗ*u��i��׮��5��ti��q,#��ɔ:am)v��x��̈́�njda*��*o�ĵm#�mqlc�� z��?d>�n��ӹ��n۰�wwe� iqt�=��o\��a�霓j��n>f�6�
볟�jϗ*u��i��׮��5��ti��q,#��ɔ:am)v��x��̈́�njda*��*o�ĵm#�mqlc�� z��?d>�n��ӹ��n۰�wwe� iqt�=��o\��a�霓j��n>f�6�
볟�jϗ*u��i��׮��5��ti��q,#��ɔ:am)v��x��̈́�njda*��*o�ĵm#�mqlc�� z��?d>�n��ӹ��n۰�wwe� iqt�=��o\��a�霓j��n>f�6�
볟�jϗ*u��i��׮��5��ti��q,#��ɔ:am)v��x��̈́�njda*��*o�ĵm#�mqlc�� z��?d>�n��ӹ��n۰�wwe� iqt�=��o\��a�霓j��n>f�6�
볟�jϗ*u��i��׮��5��ti��q,#��ɔ:am)v��x��̈́�njda*��*o�ĵm#�mqlc�� z��?d>�n��ӹ��n۰�wwe� iqt�=��o\��a�霓j��n>f�6�
볟�jϗ*u��i��׮��5��ti��q,#��ɔ:am)v��x��̈́�njda*��*o�ĵm#�mqlc�� z��?d>�n��ӹ��n۰�wwe� iqt�=��o\��a�霓j��n>f�6�
볟�jϗ*u��i��׮��5��ti��q,#��ɔ:am)v��x��̈́�njda*��*o�ĵm#�mqlc�� z��?d>�n��ӹ��n۰�wwe� iqt�=��o\��a�霓j��n>f�6�

user32

d�O�� ,��ϋa��о��>��]��ys��v� m�s+�^�D fn�q�?r��H��E��cVN��М�z ��ZK�^��K�x��>�U��Q�̿(I�W�#c� �H�U�]*��

Sections

.text
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9c5609a8530300342adb83be376514d

Headers

DLL Characteristics

File Characteristics

Imports

7ȋ���٣�#��k`w]s&

user32

Sections

.text Size: - Virtual size: 24KB

.rdata Size: - Virtual size: 7KB

.data Size: - Virtual size: 6KB

.vmp0 Size: - Virtual size: 47KB

.tls Size: 512B - Virtual size: 24B

.vmp1 Size: 2.7MB - Virtual size: 2.7MB

.reloc Size: 512B - Virtual size: 272B

.rsrc Size: 1024B - Virtual size: 2.4MB

7ȋ��٣�#��k`w]s&

.text
Size: - Virtual size: 24KB

.rdata
Size: - Virtual size: 7KB

.data
Size: - Virtual size: 6KB

.vmp0
Size: - Virtual size: 47KB

.tls
Size: 512B - Virtual size: 24B

.vmp1
Size: 2.7MB - Virtual size: 2.7MB

.reloc
Size: 512B - Virtual size: 272B

.rsrc
Size: 1024B - Virtual size: 2.4MB