47028f00eab755b60c9ab8b1319ce38739924b4587c6057b02a3d25d556bbfc2

Sharing

Copy URL

Twitter E-mail

General

Target

47028f00eab755b60c9ab8b1319ce38739924b4587c6057b02a3d25d556bbfc2
Size

1.3MB
MD5

7187b1e7cd6c813c82aacfe255678759
SHA1

b9db32b840074187146ab96882942127ba6110ea
SHA256

47028f00eab755b60c9ab8b1319ce38739924b4587c6057b02a3d25d556bbfc2
SHA512

486427914e07c15c0085736a6b90c9be88d6f66d9384dd9eafee5ce02e37526162cb66a81956a4f89d7b9e8218b7f47dc9ace4db13e524f64a0fad732f413d2c
SSDEEP

24576:eU/sl4wlXlvnY09t9lfiuBGkeIIKCzCQjoSajlQ0RHfoU7WreeR8OX7+jcjtl52q:P84k1rNZtBbnIKCzCQ+l7foU6yq8OXTz

Score

8^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

Processes:

resource	yara_rule
static1/unpack001/蚂蚁大叔免费账号共享器w.05 .exe	vmprotect

Files

47028f00eab755b60c9ab8b1319ce38739924b4587c6057b02a3d25d556bbfc2
.zip
下载说明.htm
.html .js
报毒说明.txt
蚂蚁大叔免费账号共享器w.05 .exe
.exe windows x86

9a9814e537a389ddafce9572ceac06dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasGetConnectStatusA

kernel32

FindResourceExA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

ShowWindow

gdi32

GetSystemPaletteEntries

winmm

waveOutPrepareHeader

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CoRegisterMessageFilter

oleaut32

VariantClear

comctl32

ord17

oledlg

ord8

ws2_32

recvfrom

wininet

HttpSendRequestA

comdlg32

GetOpenFileNameA

Sections

.text
Size: - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 817KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
软件使用说明.txt

Sharing

General

Malware Config

Signatures

Files

9a9814e537a389ddafce9572ceac06dd

Headers

File Characteristics

Imports

rasapi32

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

ws2_32

wininet

comdlg32

Sections

.text Size: - Virtual size: 480KB

.rdata Size: - Virtual size: 278KB

.data Size: - Virtual size: 174KB

.vmp0 Size: - Virtual size: 817KB

.vmp1 Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: - Virtual size: 480KB

.rdata
Size: - Virtual size: 278KB

.data
Size: - Virtual size: 174KB

.vmp0
Size: - Virtual size: 817KB

.vmp1
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 72KB - Virtual size: 68KB