General
Target
6.ocx
Size
1.2MB
MD5
36a8cbbbd3bff900881efd9982bbf5c1
SHA1
c52ac18145b9e6d2e294798eb5c4d5ae58b80dff
SHA256
af1d011c95382ac51486221561ec920b4606ff2083c29fd4667c61d3338fd5b2
SHA512
a5e58faabe2eb614526eb6b69f8e9d4aa4ec684e170cc7b9d5df422ecf0abf047206b624c341e94807332bc18f3acfd0454bb4673a18b17ef270edbdeabc5f1f
SSDEEP
12288:9Z/q3ViIZG9N2/pBi6hSKiWXg7y+/gUlymNChQS8dKKTo:Xq3VN0S/pBicSAg7zYLTKT
Malware Config
Signatures
Processes:
resource yara_rule sample vmprotect
Files
6.ocx.exe windows x86
1f32788688d13577260c655bbaea02b7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
GetVersion
GetProcAddress
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
user32
MessageBoxW
Sections
.text Size: - Virtual size: 52KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 374KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: - Virtual size: 603KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp1 Size: 700KB - Virtual size: 698KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 176KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ