462a6b0c10b7351b2fe13d44d30e20daab97637b8ae1e92b7acf2e9a82df5ed2

Sharing

Copy URL Twitter E-mail

General

Target

462a6b0c10b7351b2fe13d44d30e20daab97637b8ae1e92b7acf2e9a82df5ed2
Size

1.7MB
MD5

c1b7b7641d7793393e3f7281fc959ba2
SHA1

9ceda8ca6c671fd95bbe5951a4c307cba7b0b6a0
SHA256

462a6b0c10b7351b2fe13d44d30e20daab97637b8ae1e92b7acf2e9a82df5ed2
SHA512

9dc7234f25501c24315feeef7f1e6070e58835726e240393b00c8360c39238450510fdfe2f4bf330f33f1112eeab61848c84474fb494508be20f3856e21c4b41
SSDEEP

49152:QD0rrjoYOattZOm1mi8W/3uzjcxey1+5aNkIgVL:QDorcYV4m0iPicUv5aNkZ

Score

8^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Files

462a6b0c10b7351b2fe13d44d30e20daab97637b8ae1e92b7acf2e9a82df5ed2
.exe windows x86

9178ad2dd403ba06498bd6d5f61783dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetVersionExA
CreateSemaphoreA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

UpdateWindow

gdi32

DeleteObject

winmm

midiOutPrepareHeader

winspool.drv

DocumentPropertiesA

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

CoGetClassObject

oleaut32

SafeArrayGetElemsize

comctl32

ord17

oledlg

ord8

ws2_32

accept

comdlg32

GetOpenFileNameA

Sections

.text
Size: - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 940KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9178ad2dd403ba06498bd6d5f61783dc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

ws2_32

comdlg32

Sections

.text Size: - Virtual size: 457KB

.rdata Size: - Virtual size: 1.6MB

.data Size: - Virtual size: 125KB

.vmp0 Size: - Virtual size: 940KB

.vmp1 Size: 1.7MB - Virtual size: 1.7MB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: - Virtual size: 457KB

.rdata
Size: - Virtual size: 1.6MB

.data
Size: - Virtual size: 125KB

.vmp0
Size: - Virtual size: 940KB

.vmp1
Size: 1.7MB - Virtual size: 1.7MB

.rsrc
Size: 16KB - Virtual size: 14KB