Behavioral task: behavioral1
Sample: b4e271536caab2bc2562d7b916963e079da256cb24b44cbf5360e67cc3667cf4.exe
Resource: win7-20221111-en

Behavioral task: behavioral2
Sample: b4e271536caab2bc2562d7b916963e079da256cb24b44cbf5360e67cc3667cf4.exe
Resource: win10v2004-20220901-en
General
Target: b4e271536caab2bc2562d7b916963e079da256cb24b44cbf5360e67cc3667cf4
Size: 344KB
MD5: 19a28c58840c308ffa73d0e196714a4d
SHA1: f3e7fe32ce2c756f8aeac071c97103f5bf554196
SHA256: b4e271536caab2bc2562d7b916963e079da256cb24b44cbf5360e67cc3667cf4
SHA512: 1642f3c9d5c5baaf7900e1539dee1e51a7a7bc8824e27c28ec48d1a20501dde0d77bbe9e866d23ec13e35b42f04a62fde8b502c8f032cfabc1d7a140cb0a1968
SSDEEP: 6144:lsJjS4PalQvUd2TBX+j+uyODkPWqj2rPKm1aN8YFpABecDz:aJjECs8J+j+z2nbKsa2mABX
Malware Config
(none extracted)

Signatures
resource: sample, yara_rule: vmprotect

Files
b4e271536caab2bc2562d7b916963e079da256cb24b44cbf5360e67cc3667cf4.exe (windows x86): a837b2df11ab090a394cbbe7b24c67aa
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CreateDCA
SetDIBits
ExcludeClipRect
SelectClipPath
DeleteDC
GetObjectW
BitBlt
SetTextJustification
SetViewportExtEx
AbortDoc
GetTextMetricsW
CreateDIBitmap
Chord
GetMiterLimit
RoundRect
SetMapMode
GdiFlush
GetMapMode
CreateHatchBrush
StretchBlt
PlgBlt
SetTextCharacterExtra
IntersectClipRect
GetNearestColor
GetBitmapBits
EndPage
CloseFigure
Polyline
SetPaletteEntries
GetOutlineTextMetricsA
GetWindowExtEx
SetPolyFillMode
StrokePath
CombineRgn
EnumMetaFile
DeleteObject
FrameRgn
Pie
GetCharWidthA
SelectPalette
CreateBitmap
GetTextExtentPointA
CreatePalette
SetPixel
PlayMetaFileRecord
PlayEnhMetaFile
CreateSolidBrush
Arc
GetTextColor
TextOutA
SetBitmapBits
OffsetClipRgn
GetColorAdjustment
PolyPolyline
CreateFontIndirectA
GetRegionData
GetBkColor
PolylineTo
SetBkColor
MoveToEx
Escape
SetViewportOrgEx
GetCurrentPositionEx
CreatePatternBrush
StartDocW
SetDIBitsToDevice
DPtoLP
SetTextColor
Polygon
GetTextCharacterExtra
PatBlt
CreateBrushIndirect
GetBrushOrgEx
GetWindowOrgEx
GetTextExtentPoint32A
StrokeAndFillPath
GetTextMetricsA
GetDeviceCaps
GetClipRgn
CreateEllipticRgnIndirect
GetObjectA
OffsetViewportOrgEx
GetClipBox
SetArcDirection
GetSystemPaletteEntries
PolyPolygon
ExtFloodFill
CreatePolygonRgn
SetMiterLimit
CreatePenIndirect
PtInRegion
SetBoundsRect
GetCharWidthFloatA
StartDocA
RestoreDC
SelectObject
SelectClipRgn
GetViewportOrgEx
SetWindowExtEx
EnumObjects
GetGlyphOutlineA
CreateFontW
GetROP2
CreateHalftonePalette
GetBoundsRect
SetROP2
GdiComment
FloodFill
GetArcDirection
GetCharABCWidthsW
GetPaletteEntries
ExtTextOutW
GetViewportExtEx
CreateEllipticRgn
CreateFontA
SaveDC
GetPixel
StretchDIBits
SetBkMode
AngleArc
CloseMetaFile
GetCurrentObject
CreateDiscardableBitmap
OffsetWindowOrgEx
AbortPath
CreatePen
LineTo
GetObjectType
ResizePalette
UnrealizeObject
SetAbortProc
Ellipse
GetPolyFillMode
DrawEscape
ExtCreatePen
StartPage
GetDIBits
ExtCreateRegion
CreateDIBSection
CreateCompatibleBitmap
CreateMetaFileA
EqualRgn
SetRectRgn
GetDCOrgEx
CreateRoundRectRgn
MaskBlt
SetBrushOrgEx
GetRgnBox
GetBkMode
SetPixelV
ScaleViewportExtEx
CreateICA
SetMapperFlags
GetNearestPaletteIndex
ExtTextOutA
SetWorldTransform
GetStretchBltMode
EnumFontFamiliesExW
ArcTo
WidenPath
FillRgn
GetStockObject
PlayMetaFile
SetWindowOrgEx
RealizePalette
EndDoc
GetCharABCWidthsFloatA
CreateRectRgnIndirect
PtVisible
AnimatePalette
TextOutW
EnumFontFamiliesExA
DeleteMetaFile
PolyBezier
CopyMetaFileA
SetColorAdjustment
GetCharABCWidthsA
FillPath
GetAspectRatioFilterEx
CreatePolyPolygonRgn
GetTextFaceW
ExtSelectClipRgn
PathToRegion
CreateRectRgn
SetTextAlign
CreateDIBPatternBrushPt
RectVisible
SetStretchBltMode
GetCharWidthW
GetDIBColorTable
GetKerningPairsA
PaintRgn
PolyDraw
GetTextFaceA
CreateCompatibleDC
Rectangle
ScaleWindowExtEx
winmm
waveInGetNumDevs
mciSendCommandA
mmioOpenA
mixerGetLineInfoA
waveOutGetNumDevs
waveOutClose
waveOutRestart
waveInUnprepareHeader
waveOutPause
waveInStop
mixerClose
mciGetErrorStringA
waveInClose
waveInStart
PlaySoundA
waveInPrepareHeader
mmioWrite
waveInAddBuffer
mixerGetControlDetailsA
waveOutOpen
mixerOpen
waveInReset
mixerSetControlDetails
mixerGetID
waveOutUnprepareHeader
waveInGetDevCapsA
mmioDescend
waveInOpen
mmioRead
mmioClose
mixerGetLineControlsA
PlaySoundW
mixerGetDevCapsA
user32
IsZoomed
DestroyCaret
GetMenuItemRect
UnregisterClassW
EnableMenuItem
wsprintfA
GetParent
GetMessageA
GetWindowTextLengthW
ShowCaret
IsClipboardFormatAvailable
MapVirtualKeyA
SetCapture
SetWindowsHookExA
CreateWindowExW
GetWindowRect
ReleaseCapture
TranslateMessage
GetNextDlgTabItem
RemovePropW
ScreenToClient
LoadIconW
AppendMenuW
GetMenuCheckMarkDimensions
SystemParametersInfoA
IsMenu
RegisterWindowMessageW
SetCursor
SetWindowsHookExW
IsWindowVisible
GetWindowRgn
RemovePropA
InsertMenuItemA
WindowFromPoint
SetWindowContextHelpId
CharLowerBuffA
ValidateRect
wsprintfW
DefWindowProcA
GetFocus
CopyRect
SendMessageW
GetUpdateRect
DrawIcon
EndDialog
ShowOwnedPopups
PostThreadMessageW
SetWindowTextA
GetMenuItemCount
PostQuitMessage
GetTopWindow
SetTimer
ReleaseDC
GetWindowThreadProcessId
GetDialogBaseUnits
SetWindowRgn
DrawFocusRect
DrawIconEx
LoadAcceleratorsA
PostThreadMessageA
GetScrollPos
GetForegroundWindow
AdjustWindowRectEx
RegisterClassExA
LoadBitmapW
CharUpperA
MoveWindow
GetClassLongA
IsIconic
DrawMenuBar
UnhookWindowsHookEx
FrameRect
GetDC
LoadMenuA
InflateRect
CreateDialogIndirectParamA
DestroyIcon
DrawStateA
CreateDialogIndirectParamW
CharNextA
GetActiveWindow
SetScrollRange
GetAncestor
GetSysColor
ClientToScreen
InvalidateRect
GetClipboardOwner
IsDialogMessageA
LoadCursorW
CreateWindowExA
GetWindowTextA
GetLastActivePopup
CloseClipboard
TranslateAcceleratorA
DispatchMessageA
SetWindowLongW
SetPropA
EmptyClipboard
GetDlgItemInt
TrackPopupMenu
EndDeferWindowPos
UnregisterClassA
BeginDeferWindowPos
IsChild
GetMenuItemInfoW
GetWindowTextLengthA
GetDCEx
AppendMenuA
SetParent
DefWindowProcW
CreateIconIndirect
GetSystemMetrics
GetClassNameA
UpdateWindow
ExcludeUpdateRgn
DestroyCursor
GetMenuDefaultItem
DefDlgProcA
RegisterWindowMessageA
GetMessageTime
CreateMenu
SetDlgItemTextA
ToAsciiEx
GetMenuState
DestroyMenu
SetDlgItemTextW
GetMenuStringA
GetPropA
GetSubMenu
LoadStringA
SetForegroundWindow
LoadBitmapA
UnionRect
CheckMenuItem
GetIconInfo
CallNextHookEx
GetDlgItem
SetScrollInfo
SetMenu
GetClientRect
IntersectRect
DeferWindowPos
SetWindowLongA
IsWindowUnicode
RedrawWindow
SetScrollPos
GetSystemMenu
EndPaint
WindowFromDC
GetAsyncKeyState
SetFocus
GetClassInfoA
GetWindowDC
GetDlgItemTextA
IsWindow
EnableScrollBar
GetWindowTextW
HideCaret
ShowWindow
ModifyMenuW
EnableWindow
GetClassInfoExW
GetMenu
GetMonitorInfoW
SetRectEmpty
GetClassLongW
DrawTextExA
SetActiveWindow
GetDlgCtrlID
BeginPaint
CreateAcceleratorTableA
EqualRect
WinHelpA
DrawEdge
RemoveMenu
GetKeyState
GetWindowLongA
DestroyWindow
PeekMessageA
DrawFrameControl
ScrollWindow
GetSysColorBrush
CheckDlgButton
CopyImage
IsWindowEnabled
RegisterClassA
GetDoubleClickTime
GetWindow
SendDlgItemMessageA
OffsetRect
SendMessageA
SetCursorPos
SetWindowPos
RegisterClassW
UnpackDDElParam
IsDlgButtonChecked
PostMessageA
CallWindowProcA
EnumChildWindows
LoadMenuW
GetDesktopWindow
GetScrollInfo
BringWindowToTop
DrawTextA
LockWindowUpdate
LoadIconA
MapDialogRect
CreatePopupMenu
GetCaretPos
ReuseDDElParam
GetMessagePos
ScrollWindowEx
LoadImageW
TabbedTextOutA
MapWindowPoints
TranslateMDISysAccel
GrayStringA
TrackPopupMenuEx
CopyAcceleratorTableA
CheckRadioButton
KillTimer
DispatchMessageW
InvertRect
FillRect
DeleteMenu
RegisterClipboardFormatA
CallWindowProcW
SetMenuItemBitmaps
IsRectEmpty
ModifyMenuA
TranslateAcceleratorW
MessageBoxW
GetMenuStringW
GetCapture
GetMessageW
LoadCursorA
MessageBoxA
MenuItemFromPoint
GetMenuItemID
ShowScrollBar
GetClassInfoW
PtInRect
GetCursorPos
SetRect
MessageBoxA
ole32
CLSIDFromString
ReleaseStgMedium
CreateILockBytesOnHGlobal
RegisterDragDrop
OleFlushClipboard
GetClassFile
CoInitializeEx
OleDestroyMenuDescriptor
CreateItemMoniker
OleInitialize
OleCreateLinkToFile
StgIsStorageILockBytes
StgOpenStorage
ReadFmtUserTypeStg
CoGetInterfaceAndReleaseStream
CoSetProxyBlanket
OleSaveToStream
CoTaskMemAlloc
CoRegisterClassObject
CoInitialize
WriteClassStm
OleSave
CoCreateGuid
WriteFmtUserTypeStg
CoTaskMemFree
CreateOleAdviseHolder
CoLockObjectExternal
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
StgIsStorageFile
CoRegisterMessageFilter
ProgIDFromCLSID
CreateDataAdviseHolder
SetConvertStg
CLSIDFromProgID
CoGetClassObject
OleCreate
CoCreateInstance
OleGetClipboard
GetRunningObjectTable
OleRegEnumVerbs
OleRegGetUserType
OleCreateLinkFromData
OleRegGetMiscStatus
WriteClassStg
CoTreatAsClass
CoDisconnectObject
CoUninitialize
StringFromCLSID
OleSetMenuDescriptor
OleCreateFromFile
IsAccelerator
OleIsRunning
OleCreateMenuDescriptor
CoGetMalloc
RevokeDragDrop
OleSetClipboard
StgOpenStorageOnILockBytes
CreateBindCtx
CreateStreamOnHGlobal
OleLoad
OleTranslateAccelerator
OleUninitialize
DoDragDrop
OleRun
OleGetIconOfClass
OleLockRunning
CoRevokeClassObject
OleDuplicateData
OleCreateStaticFromData
StringFromGUID2
OleIsCurrentClipboard
advapi32
AddAccessAllowedAce
GetLengthSid
RegEnumKeyExA
CreateServiceA
RegSetValueA
RegEnumKeyA
RegDeleteValueA
CryptDecrypt
SetEntriesInAclW
RegSetValueExA
CryptAcquireContextA
MapGenericMask
RegSetValueExW
OpenProcessToken
AccessCheck
OpenServiceA
InitializeSecurityDescriptor
CryptGenRandom
FreeSid
RegOpenKeyExW
RegQueryValueExA
IsValidSecurityDescriptor
RevertToSelf
RegQueryInfoKeyW
RegQueryInfoKeyA
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
CryptHashData
RegOpenKeyW
DeregisterEventSource
EqualSid
AdjustTokenPrivileges
RegSetKeySecurity
InitializeAcl
CloseServiceHandle
CryptDestroyKey
CryptGenKey
ReportEventW
CryptImportKey
RegQueryValueA
GetTokenInformation
RegisterEventSourceA
RegCreateKeyExA
SetSecurityDescriptorDacl
RegEnumValueW
RegEnumKeyW
CryptExportKey
LookupPrivilegeValueA
RegOpenKeyExA
RegOpenKeyA
CryptReleaseContext
OpenSCManagerA
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegDeleteKeyA
AllocateAndInitializeSid
CopySid
CryptCreateHash
RegCreateKeyA
CryptDestroyHash
kernel32
IsBadCodePtr
WideCharToMultiByte
GetVolumeInformationA
GetCurrentDirectoryW
GetCommandLineA
FatalAppExitA
GlobalAlloc
Module32FirstW
GetACP
GetFileType
IsValidCodePage
VirtualFree
CreatePipe
IsBadReadPtr
GetLocalTime
FindResourceA
FindNextFileA
GetVersionExW
GetSystemTimeAsFileTime
GetSystemInfo
RaiseException
GetModuleHandleW
FindClose
GetLocaleInfoA
GetCurrentProcessId
InterlockedExchange
CreateFileA
DeviceIoControl
GetLongPathNameW
CreateFileMappingA
GetThreadLocale
OpenMutexA
UnlockFile
VirtualProtect
CreateEventA
HeapFree
FindResourceW
WritePrivateProfileStringA
GetModuleFileNameW
GetStartupInfoA
CreateEventW
LoadLibraryA
HeapDestroy
LCMapStringA
TerminateProcess
SetEnvironmentVariableA
GetStringTypeA
GlobalAddAtomW
SetUnhandledExceptionFilter
CreateDirectoryW
CompareStringA
GetEnvironmentStringsW
ExitProcess
lstrlenW
CreateMutexA
QueryPerformanceFrequency
GetDateFormatA
TlsSetValue
GetFileAttributesW
SetStdHandle
ReadFile
HeapCreate
InterlockedIncrement
FreeEnvironmentStringsA
OpenEventA
FindResourceExA
CreateMutexW
WriteConsoleW
IsValidLocale
GetTempFileNameA
WinExec
GlobalLock
IsDebuggerPresent
FormatMessageA
ReleaseMutex
LocalFileTimeToFileTime
GlobalHandle
LoadResource
GetStartupInfoW
MulDiv
RemoveDirectoryA
IsDBCSLeadByte
ExitThread
Module32NextW
HeapReAlloc
EnumResourceLanguagesW
GetProcessHeap
InitializeCriticalSection
GetCurrentDirectoryA
SetEvent
FileTimeToSystemTime
GetDateFormatW
WriteConsoleA
lstrlenA
MultiByteToWideChar
FreeResource
WriteFile
lstrcmpiA
GetCPInfo
GetDriveTypeW
LeaveCriticalSection
GetSystemDefaultLangID
OpenProcess
LockResource
GetFullPathNameA
_lread
LocalAlloc
lstrcmpA
GetDiskFreeSpaceA
LocalReAlloc
_lcreat
TlsGetValue
GetNumberFormatW
GetModuleHandleA
SetFileAttributesA
GetVersionExA
GetCurrentProcess
UnhandledExceptionFilter
SetLocalTime
lstrcpynA
GetTimeZoneInformation
GetEnvironmentStrings
FreeEnvironmentStringsW
GetStdHandle
DeleteCriticalSection
GetVersion
GetProfileStringA
SetEndOfFile
SetErrorMode
LCMapStringW
CloseHandle
GetSystemTime
GetPrivateProfileStringW
lstrcatA
VirtualAlloc
GetTickCount
SetThreadPriority
FindResourceExW
FindNextFileW
GetProcAddress
CompareStringW
FreeLibrary
GetExitCodeProcess
GlobalFree
GetCurrentThread
WaitForSingleObject
ResumeThread
CreateThread
UnmapViewOfFile
LockFile
GlobalGetAtomNameA
GetUserDefaultLCID
GetWindowsDirectoryA
GetLastError
GetStringTypeExW
SystemTimeToFileTime
GlobalUnlock
CreateDirectoryA
EnterCriticalSection
CreateProcessA
HeapSize
GetCurrentThreadId
GetFileSize
SetFilePointer
GetOEMCP
QueryPerformanceCounter
GetDriveTypeA
GetConsoleMode
FlushFileBuffers
IsBadWritePtr
RtlUnwind
SetLastError
GetFileAttributesA
HeapAlloc
GetExitCodeThread
SizeofResource
lstrcpyW
TlsAlloc
DeleteFileA
FormatMessageW
GetSystemDirectoryA
MapViewOfFile
LocalFree
VirtualQuery
GlobalMemoryStatus
InterlockedDecrement
SetFileTime
OpenFile
FindFirstFileW
EnumSystemLocalesA
Sleep
GetFileTime
Beep
GetStringTypeW
SetHandleCount
GetTimeFormatA
GetAtomNameA
TlsFree
CopyFileA
FindFirstFileA
GlobalReAlloc
GetModuleFileNameA
lstrcpyA
VirtualProtect
GetModuleFileNameA
ExitProcess
comctl32
ImageList_Write
ImageList_ReplaceIcon
ImageList_Create
CreatePropertySheetPageW
CreatePropertySheetPageA
ImageList_Add
ImageList_Draw
ImageList_GetImageInfo
ImageList_SetDragCursorImage
ImageList_Merge
ord17
_TrackMouseEvent
ImageList_AddMasked
ImageList_GetIcon
ImageList_SetBkColor
ImageList_Read
ImageList_GetImageCount
ImageList_DragEnter
ImageList_DragMove
ImageList_GetBkColor
PropertySheetW
ImageList_LoadImageA
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_GetDragImage
PropertySheetA
ImageList_DragLeave
ImageList_Destroy
ImageList_SetOverlayImage
ImageList_Remove
ImageList_EndDrag
DestroyPropertySheetPage
ImageList_Replace
shell32
SHGetDesktopFolder
SHGetFileInfoW
ShellExecuteExA
DragFinish
SHChangeNotify
SHGetSpecialFolderLocation
FindExecutableA
SHGetPathFromIDListW
ExtractIconA
SHGetMalloc
ShellExecuteA
ord155
DragAcceptFiles
Shell_NotifyIconA
SHBrowseForFolderW
DragQueryFileA
SHBrowseForFolderA
ExtractIconW
Shell_NotifyIconW
Sections
.text Size: - Virtual size: 61KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 288KB - Virtual size: 286KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 52B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ