97669bd0f2c115d4e7b4a7905aac075ae90b92c1b5e078c4c03b5a49473456dc

Sharing

Copy URL Twitter E-mail

General

Target

97669bd0f2c115d4e7b4a7905aac075ae90b92c1b5e078c4c03b5a49473456dc
Size

256KB
MD5

874a07e1d648d222fd20a43053e222a0
SHA1

809bfdbda2b0284c7bcd443f236eee99010be7c1
SHA256

97669bd0f2c115d4e7b4a7905aac075ae90b92c1b5e078c4c03b5a49473456dc
SHA512

ec607d25b94858e37b770a90845328bd498a1ed27473d0795dc42bde4ac2e86f6d071951817abd19644fe0c135ce57427298394da04e9d7ab71c53b8d261ec54
SSDEEP

6144:z11t8bMRtXQMk39rJYMggSDiqhmSBvrGVEJf1kxSAQUq7ypk:zyM/XQMkN1YvDdoSVNJfqc/7R

Score

8^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Files

97669bd0f2c115d4e7b4a7905aac075ae90b92c1b5e078c4c03b5a49473456dc
.dll regsvr32 windows x86

e2e1db74475c6baa259d6f36eb4420d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

CallWindowProcW
MessageBoxW

advapi32

RegDeleteKeyW

shell32

StrStrIW

ole32

CoTaskMemAlloc

oleaut32

SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp2
Size: 224KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2e1db74475c6baa259d6f36eb4420d3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: - Virtual size: 39KB

.rdata Size: - Virtual size: 7KB

.data Size: - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 3KB

.vmp0 Size: - Virtual size: 4KB

.vmp1 Size: - Virtual size: 151KB

.vmp2 Size: 224KB - Virtual size: 220KB

.reloc Size: 4KB - Virtual size: 76B

.text
Size: - Virtual size: 39KB

.rdata
Size: - Virtual size: 7KB

.data
Size: - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 3KB

.vmp0
Size: - Virtual size: 4KB

.vmp1
Size: - Virtual size: 151KB

.vmp2
Size: 224KB - Virtual size: 220KB

.reloc
Size: 4KB - Virtual size: 76B