Behavioral task: behavioral1
Sample: ed512a9d72a0a4c6d7dfbb8fa93faeaa51a3d7671a3cfeeaae0a12fca9bcfcbb.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: ed512a9d72a0a4c6d7dfbb8fa93faeaa51a3d7671a3cfeeaae0a12fca9bcfcbb.exe
Resource: win10v2004-20221111-en
General
- Target: ed512a9d72a0a4c6d7dfbb8fa93faeaa51a3d7671a3cfeeaae0a12fca9bcfcbb
- Size: 312KB
- MD5: aebc02d7b30de47bb7f14b12816fb218
- SHA1: fafc6f84fd2cae7c3da51ab75d0b33c9b618c7d3
- SHA256: ed512a9d72a0a4c6d7dfbb8fa93faeaa51a3d7671a3cfeeaae0a12fca9bcfcbb
- SHA512: 0d660dbc694a89673d798a5f09ae4ef6e9895b5cf494ec2817279254a1fdbfefa35a19d4d375c0ed059eab24a00a73ac2a30a3d21ac9902dae47114ff316767b
- SSDEEP: 6144:37v5PPJC3eCal0J+PoBPT5ce0nIhybZYulTeVaEeIDwjdMPHA93OPg:37v5nJCOd0J+PoBPTd0IhyNnesEkpMoL
Malware Config
Signatures
- resource yara_rule sample vmprotect
Files
- ed512a9d72a0a4c6d7dfbb8fa93faeaa51a3d7671a3cfeeaae0a12fca9bcfcbb.exe windows x86
57849c506c2be394b4f21316c68be59a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetQueryDataAvailable
InternetOpenA
InternetCrackUrlA
InternetCanonicalizeUrlA
HttpOpenRequestA
InternetCrackUrlW
InternetSetOptionW
InternetWriteFile
InternetTimeFromSystemTime
InternetOpenW
InternetGetConnectedState
HttpSendRequestW
InternetGetLastResponseInfoA
HttpSendRequestA
InternetSetStatusCallback
InternetConnectW
InternetGoOnline
InternetSetFilePointer
HttpOpenRequestW
InternetQueryOptionA
HttpQueryInfoW
InternetCloseHandle
InternetTimeToSystemTime
InternetGetLastResponseInfoW
InternetReadFile
InternetCanonicalizeUrlW
winspool.drv
OpenPrinterW
DeviceCapabilitiesW
EnumPrintersA
GetPrinterDriverA
EnumPrinterDriversA
ClosePrinter
DocumentPropertiesW
SetPrinterA
DeviceCapabilitiesA
OpenPrinterA
StartDocPrinterA
EnumPrintersW
DocumentPropertiesA
GetPrinterW
ord204
advapi32
AccessCheck
RegCreateKeyExW
RegOpenKeyExW
GetAclInformation
AdjustTokenPrivileges
CryptExportKey
DeleteService
RegCreateKeyExA
DeregisterEventSource
OpenThreadToken
DuplicateToken
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyW
RegSetValueExW
CreateServiceA
InitializeSecurityDescriptor
CryptCreateHash
GetLengthSid
SetSecurityDescriptorOwner
SetFileSecurityA
RegCloseKey
CryptHashData
AllocateAndInitializeSid
FreeSid
ImpersonateSelf
RegDeleteValueW
RegQueryValueW
RegOpenKeyA
SetSecurityDescriptorDacl
InitializeAcl
GetTokenInformation
RegSetValueExA
OpenProcessToken
RegDeleteValueA
GetUserNameA
DeleteAce
AddAccessAllowedAce
ControlService
RegQueryValueA
CryptGenRandom
GetSecurityDescriptorDacl
ReportEventA
EqualSid
RegQueryValueExA
CryptDestroyHash
OpenSCManagerA
StartServiceA
RegOpenKeyExA
CopySid
SetSecurityDescriptorGroup
RegDeleteKeyA
OpenServiceA
RegCreateKeyA
RegSetValueA
GetUserNameW
RegQueryValueExW
CloseServiceHandle
LookupPrivilegeValueA
RegEnumKeyA
CryptAcquireContextA
CryptGenKey
gdi32
DescribePixelFormat
StretchDIBits
GdiFlush
CreateICA
DeleteDC
SelectClipPath
ResetDCA
GetBitmapDimensionEx
GetTextAlign
GetStockObject
GetWindowOrgEx
AnimatePalette
ExtTextOutA
SetArcDirection
GetMiterLimit
MaskBlt
SetWindowExtEx
CreateCompatibleBitmap
GetTextExtentPoint32W
TranslateCharsetInfo
SetBitmapBits
GetSystemPaletteEntries
SetStretchBltMode
CreateDIBSection
SetTextColor
DrawEscape
GetWindowExtEx
CreatePalette
EnumFontFamiliesExA
Chord
PlayMetaFileRecord
Rectangle
SetMapMode
RectInRegion
EqualRgn
SetDIBitsToDevice
ExcludeClipRect
GetObjectW
SetMiterLimit
CreateFontIndirectA
SetPaletteEntries
IntersectClipRect
GetTextFaceW
PolyBezier
GetRgnBox
ExtCreatePen
GetCharWidthA
PolyBezierTo
PaintRgn
PlayMetaFile
LPtoDP
GetKerningPairsA
GetTextFaceA
GetTextMetricsW
ChoosePixelFormat
SetBitmapDimensionEx
CreateSolidBrush
SetWindowOrgEx
BitBlt
OffsetRgn
CreateRectRgnIndirect
PolylineTo
StretchBlt
SaveDC
CloseMetaFile
GetViewportExtEx
EnumObjects
CreatePolygonRgn
GetEnhMetaFileHeader
ScaleWindowExtEx
UpdateColors
SetTextAlign
GetEnhMetaFileA
SetBkColor
SelectPalette
CreateFontW
SetBrushOrgEx
LineTo
ArcTo
GetRegionData
CreateCompatibleDC
CloseFigure
SetPixelV
DeleteEnhMetaFile
GetBitmapBits
GetBkMode
GetNearestPaletteIndex
GetTextMetricsA
PtInRegion
GdiComment
CreateHatchBrush
WidenPath
GetColorAdjustment
Ellipse
CreateDiscardableBitmap
GetClipBox
PlgBlt
GetPixel
FloodFill
GetTextExtentPointA
SetTextCharacterExtra
GetDeviceCaps
SetDIBColorTable
FrameRgn
DPtoLP
GetGlyphOutlineA
CreateRoundRectRgn
CloseEnhMetaFile
CreateMetaFileA
GetCharABCWidthsA
CreateDIBitmap
ExtSelectClipRgn
EnumFontFamiliesExW
SwapBuffers
CreateEnhMetaFileA
TextOutW
PtVisible
GetAspectRatioFilterEx
OffsetViewportOrgEx
SelectObject
SetBkMode
PlayEnhMetaFile
AbortDoc
CreateDIBPatternBrushPt
GetBrushOrgEx
FillPath
GetCurrentObject
SetPixelFormat
StrokePath
SetPixel
CreatePen
SetColorAdjustment
CreateRectRgn
GetDCOrgEx
StartDocA
RectVisible
GetFontData
GetROP2
GetTextExtentPoint32A
GetNearestColor
FillRgn
Polygon
EndDoc
Polyline
GetPaletteEntries
SetViewportExtEx
CreatePenIndirect
GetMapMode
PolyPolygon
SetPolyFillMode
SetViewportOrgEx
RestoreDC
SetRectRgn
DeleteObject
Pie
CreatePatternBrush
ExtTextOutW
GetCharWidthFloatA
GetBkColor
OffsetClipRgn
Escape
SelectClipRgn
ScaleViewportExtEx
PolyDraw
ResizePalette
CombineRgn
AbortPath
GetCharABCWidthsFloatA
GetTextColor
MoveToEx
GetObjectA
SetROP2
CreateFontA
PatBlt
GetDIBits
GetObjectType
GetCharWidth32A
CreateEllipticRgnIndirect
UnrealizeObject
GetClipRgn
EnumMetaFile
AngleArc
SetAbortProc
EndPage
CreateBitmap
StartPage
CopyMetaFileA
SetMapperFlags
CreateDCA
RoundRect
CreateBrushIndirect
TextOutA
GetCurrentPositionEx
RealizePalette
ExtFloodFill
GetCharWidthW
GetBoundsRect
comctl32
CreateStatusWindowW
ImageList_SetOverlayImage
ImageList_Draw
ImageList_BeginDrag
ImageList_Destroy
ImageList_Remove
ImageList_DragShowNolock
FlatSB_EnableScrollBar
ImageList_GetIconSize
ImageList_EndDrag
ImageList_Create
ImageList_LoadImageA
ImageList_GetImageInfo
CreatePropertySheetPageA
ImageList_SetBkColor
ImageList_DragMove
ImageList_DragEnter
ImageList_AddMasked
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_GetIcon
ImageList_SetDragCursorImage
PropertySheetA
ord17
ImageList_GetImageCount
_TrackMouseEvent
ImageList_DrawEx
ImageList_GetBkColor
InitializeFlatSB
user32
SetClipboardData
SetDlgItemInt
GetCursorPos
FillRect
GetClassNameA
FrameRect
GetDlgItemTextA
TrackPopupMenuEx
BeginPaint
SetMenuDefaultItem
AttachThreadInput
GetClassInfoA
RegisterClassExA
DrawFocusRect
EmptyClipboard
SetRectEmpty
RegisterClassA
SetWindowTextA
RemovePropA
EnableWindow
RegisterWindowMessageW
RegisterWindowMessageA
EnumChildWindows
SetDlgItemTextA
CreateDialogIndirectParamA
AdjustWindowRectEx
GetMessageW
SetWindowLongA
GetMessagePos
GetKeyNameTextA
CallWindowProcW
EnableMenuItem
SetWindowContextHelpId
LoadStringW
GetWindowPlacement
DrawIconEx
CloseClipboard
SetCapture
LoadImageW
MapWindowPoints
TrackPopupMenu
RemoveMenu
SendMessageA
RegisterClipboardFormatA
GetClassInfoExW
MessageBoxW
DispatchMessageA
OffsetRect
ExcludeUpdateRgn
DestroyIcon
UnionRect
GetParent
DispatchMessageW
LoadAcceleratorsA
GetDialogBaseUnits
ShowCursor
CopyAcceleratorTableW
CheckMenuRadioItem
DestroyAcceleratorTable
SetPropW
CreateDialogParamW
ShowOwnedPopups
DeleteMenu
SystemParametersInfoA
CreateAcceleratorTableW
GetDlgItem
DrawTextExA
GetDoubleClickTime
IsZoomed
LoadIconA
GetDC
TranslateAcceleratorA
IsMenu
SendMessageW
SetRect
ShowCaret
BeginDeferWindowPos
InsertMenuA
SetPropA
UnregisterClassW
PostThreadMessageW
GetWindowTextW
GetWindowDC
MessageBoxA
DeferWindowPos
UnregisterHotKey
GetMonitorInfoW
FlashWindow
DrawTextA
ValidateRect
GetUpdateRect
InsertMenuItemW
SendDlgItemMessageW
IsDialogMessageA
IsRectEmpty
GetActiveWindow
SetCursorPos
CreateIconIndirect
LoadImageA
SystemParametersInfoW
ShowScrollBar
wsprintfW
ScrollWindowEx
ModifyMenuW
LoadStringA
SendDlgItemMessageA
PostQuitMessage
ReleaseDC
RegisterClassExW
CallNextHookEx
GetPropW
CreateWindowExA
SetParent
GetWindowLongA
AppendMenuA
CopyRect
wsprintfA
GetClassLongA
PostMessageA
GetDesktopWindow
GetMenu
SetMenu
GetMessageA
SetWindowRgn
GetWindow
PeekMessageW
GetKeyState
LoadBitmapA
SetWindowPlacement
RedrawWindow
OpenClipboard
LoadCursorA
GetTopWindow
SetCursor
ShowWindow
GetMenuCheckMarkDimensions
PeekMessageA
ModifyMenuA
RegisterClassW
DrawStateA
ScreenToClient
GrayStringA
SetMenuItemBitmaps
EndDialog
IsWindow
EndDeferWindowPos
GetScrollInfo
GetClassLongW
GetMenuState
UnhookWindowsHookEx
LoadAcceleratorsW
DefWindowProcA
ScrollWindow
ClipCursor
DefWindowProcW
GetMenuItemInfoA
InvalidateRect
MessageBeep
CreatePopupMenu
GetSystemMetrics
InvalidateRgn
IsDlgButtonChecked
EnumWindows
UpdateWindow
CreateMenu
ExitWindowsEx
ChildWindowFromPoint
SetWindowLongW
DrawIcon
InsertMenuW
SetDlgItemTextW
GetNextDlgTabItem
DestroyWindow
IsIconic
RegisterClipboardFormatW
SetActiveWindow
CharLowerW
TabbedTextOutA
PtInRect
LockWindowUpdate
BringWindowToTop
GetForegroundWindow
KillTimer
ReuseDDElParam
MoveWindow
DestroyCursor
GetDlgCtrlID
SetWindowPos
CharNextA
GetDCEx
MonitorFromRect
GetPropA
InflateRect
LoadCursorW
GetWindowTextLengthW
ClientToScreen
DestroyMenu
TranslateMessage
EndPaint
SetWindowsHookExW
GetLastActivePopup
GetAsyncKeyState
GetWindowRect
SetWindowsHookExA
GetWindowTextLengthA
WinHelpA
GetMenuItemInfoW
GetMenuItemID
LoadMenuW
LoadBitmapW
GetSystemMenu
SetForegroundWindow
LoadIconW
DrawTextW
GetCapture
CreateWindowExW
CopyAcceleratorTableA
PostMessageW
HideCaret
WindowFromPoint
SetScrollInfo
IsWindowUnicode
GetNextDlgGroupItem
DialogBoxIndirectParamA
LoadMenuA
GetWindowTextA
SetFocus
GetSubMenu
DrawEdge
SetTimer
CheckMenuItem
GetMenuItemCount
DrawStateW
IsWindowVisible
SetMenuItemInfoW
DrawMenuBar
EqualRect
GetSysColor
GetWindowThreadProcessId
GetFocus
CharUpperW
GetClientRect
CallWindowProcA
GetMessageTime
MessageBoxA
kernel32
IsBadWritePtr
MoveFileA
LocalFree
HeapCreate
GetSystemTime
GetCommandLineA
IsBadCodePtr
GetEnvironmentStringsW
GetStringTypeExA
CreateFileMappingA
GlobalUnlock
lstrcpynA
lstrcmpiW
WinExec
IsBadStringPtrA
GetShortPathNameA
GetConsoleMode
VirtualQuery
GetLocalTime
CloseHandle
TlsAlloc
UnmapViewOfFile
GetModuleHandleA
FindClose
GetSystemInfo
TerminateThread
WriteConsoleW
SetErrorMode
GlobalGetAtomNameA
SetFileTime
GetCPInfo
QueryPerformanceFrequency
GetDiskFreeSpaceA
EnumSystemLocalesA
SizeofResource
GetTickCount
GlobalHandle
ExpandEnvironmentStringsA
lstrcmpiA
IsDebuggerPresent
LCMapStringW
ResetEvent
GetStringTypeExW
GlobalSize
GetCurrentThreadId
GetCommandLineW
WaitForSingleObject
SetLastError
lstrcatW
GlobalAddAtomA
FormatMessageA
LeaveCriticalSection
UnhandledExceptionFilter
GetStdHandle
GetTimeZoneInformation
GetDateFormatW
VirtualProtect
_lclose
HeapReAlloc
DuplicateHandle
LocalFileTimeToFileTime
SetHandleInformation
Sleep
LoadLibraryExA
RemoveDirectoryA
LoadResource
lstrcpynW
GetTempFileNameA
WriteFile
SystemTimeToFileTime
lstrcmpA
GlobalLock
LocalLock
IsValidCodePage
SetEvent
LCMapStringA
SetFilePointer
GetEnvironmentStrings
GetCurrentThread
GetModuleFileNameW
MulDiv
RtlUnwind
TlsGetValue
GetPrivateProfileStringA
OpenMutexA
VirtualAlloc
CreateMutexA
RaiseException
FlushInstructionCache
FindResourceW
GlobalFree
SetEndOfFile
FormatMessageW
GetOEMCP
WritePrivateProfileSectionA
GetStartupInfoA
GetACP
GetLastError
lstrlenW
GlobalFindAtomA
FreeEnvironmentStringsW
GetSystemDirectoryA
InitializeCriticalSection
SetHandleCount
LockResource
GlobalDeleteAtom
GetStartupInfoW
GetCurrentDirectoryW
InterlockedDecrement
GetTempPathW
MultiByteToWideChar
CompareStringA
GetDateFormatA
GetTempPathA
TlsSetValue
GetVersionExW
GetTimeFormatA
GetConsoleOutputCP
IsBadReadPtr
TlsFree
SetThreadPriority
lstrcpyW
GetVolumeInformationA
GetSystemDefaultLangID
FindResourceA
SetUnhandledExceptionFilter
CopyFileA
CreateFileA
FreeLibrary
GetSystemTimeAsFileTime
GetLocaleInfoW
GetProcessHeap
EnumResourceLanguagesA
GetEnvironmentVariableA
FileTimeToSystemTime
GetStringTypeW
GlobalMemoryStatus
HeapAlloc
LoadLibraryA
GetCurrentProcess
QueryPerformanceCounter
FindNextFileA
LockFile
InterlockedExchange
GetWindowsDirectoryA
DeleteCriticalSection
GetFileAttributesA
lstrcpyA
TerminateProcess
SetEnvironmentVariableA
lstrcmpW
LocalReAlloc
DeviceIoControl
CompareFileTime
FreeEnvironmentStringsA
SetCurrentDirectoryW
WriteProcessMemory
ExitProcess
GetVersionExA
CreateDirectoryA
ConvertDefaultLocale
WriteConsoleA
GetFullPathNameA
GetUserDefaultLCID
lstrcatA
CreateThread
UnlockFile
GetProfileStringA
IsProcessorFeaturePresent
GetProcAddress
FlushFileBuffers
CreateSemaphoreA
FreeResource
GetFileSize
GetFileType
FindResourceExW
GetModuleFileNameA
GlobalAlloc
GetCurrentProcessId
FileTimeToLocalFileTime
GetStringTypeA
HeapFree
HeapDestroy
GetConsoleCP
FatalAppExitA
FindFirstFileA
ResumeThread
CreatePipe
CompareStringW
GetVersion
CreateEventA
lstrlenA
ReadFile
SetStdHandle
ExitThread
EnterCriticalSection
WideCharToMultiByte
HeapSize
VirtualFree
GetFileTime
IsValidLocale
GetLocaleInfoA
GlobalReAlloc
VirtualProtect
GetModuleFileNameA
ExitProcess
Sections
.text Size: - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 296KB - Virtual size: 293KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 60B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ