77c8df6cee578d12bf492eed9733322c016e5bfe13df4a63d3ae3fc8fccaee66

Sharing

Copy URL

Twitter E-mail

General

Target

77c8df6cee578d12bf492eed9733322c016e5bfe13df4a63d3ae3fc8fccaee66
Size

1.2MB
MD5

1dd997884ac9ac47cdad4b91e4fb7930
SHA1

3e68c912b98277e47663b414d7f68772596b2956
SHA256

77c8df6cee578d12bf492eed9733322c016e5bfe13df4a63d3ae3fc8fccaee66
SHA512

624f04b06cad900baa79c73a78e0577d6b640ef78680d5d09bfc093e61e05063a5afeec626c84993a3e7cff348f707533ee91e3828acb363109984c26da2a80f
SSDEEP

24576:i5cO2BGt7zG4TOaeOvDzCpKts64Q6dw9o6b6jY0KNAoH:FO2sfGdOvXCpQK5y90oAo

Score

8^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs
Detects executables packed with VMProtect commercial packer.
vmprotect

Processes:

resource yara_rule

sample vmprotect

resource	yara_rule
sample	vmprotect

Files

77c8df6cee578d12bf492eed9733322c016e5bfe13df4a63d3ae3fc8fccaee66
.dll windows x86

217705e1e02e6d3b6c634d6849100e28

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA

psapi

GetModuleInformation

iphlpapi

GetAdaptersInfo

kernel32

GetVersionExA
GetVersion
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetTopWindow

gdi32

ScaleViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter

advapi32

RegDeleteKeyA

comctl32

ord17

shlwapi

PathFindExtensionA

oleaut32

VariantInit

Exports

Exports

CheckRuntime
EncryptString
GetCpuID
GetCpuIDW
GetDiskID
GetDiskIDW
GetMacID
GetMacIDW
GetModuleBase
MainDLL
_CorExeMain

Sections

.text
Size: - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 922KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

217705e1e02e6d3b6c634d6849100e28

Headers

File Characteristics

Imports

version

psapi

iphlpapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: - Virtual size: 179KB

.rdata Size: - Virtual size: 33KB

.data Size: - Virtual size: 49KB

.vmp0 Size: - Virtual size: 922KB

.vmp1 Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 4KB - Virtual size: 228B

.rsrc Size: 8KB - Virtual size: 16KB

.text
Size: - Virtual size: 179KB

.rdata
Size: - Virtual size: 33KB

.data
Size: - Virtual size: 49KB

.vmp0
Size: - Virtual size: 922KB

.vmp1
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 4KB - Virtual size: 228B

.rsrc
Size: 8KB - Virtual size: 16KB