57cf40adfc36ca189e4a7a535ec42cf136ac6dd514c6247fdd008c9ea456c1ea

Sharing

Copy URL

Twitter E-mail

General

Target

57cf40adfc36ca189e4a7a535ec42cf136ac6dd514c6247fdd008c9ea456c1ea
Size

2.2MB
MD5

85e4a2e89ea63ef5f7efc216ad3fa0d5
SHA1

d6fd614b9fc2ed36e980e69ccd0b49293ac76e39
SHA256

57cf40adfc36ca189e4a7a535ec42cf136ac6dd514c6247fdd008c9ea456c1ea
SHA512

aed83433425f785a774d9b5d9173de6ae4df5e1c0bc9ce239fb0a04535a3bda9997af7b8506a0df5ea0abadb3c9432bf8f86768308d51925d1ba947505b4f55b
SSDEEP

49152:kj8+v+BCMbV4YDM4OgQ5s7XwMgfF8Fg/7H4IIunl/x:kjNLWALXKu

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57cf40adfc36ca189e4a7a535ec42cf136ac6dd514c6247fdd008c9ea456c1ea

Files

57cf40adfc36ca189e4a7a535ec42cf136ac6dd514c6247fdd008c9ea456c1ea
.exe windows x86

899f6244ceeacc4684213f8ff811b161

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

LoadBitmapA

gdi32

LPtoDP

winmm

waveOutPrepareHeader

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

OleUninitialize

oleaut32

SafeArrayUnaccessData

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 589KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 882KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 985KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

899f6244ceeacc4684213f8ff811b161

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Sections

.text Size: - Virtual size: 589KB

.rdata Size: - Virtual size: 882KB

.data Size: - Virtual size: 134KB

.vmp0 Size: - Virtual size: 985KB

.vmp1 Size: 2.1MB - Virtual size: 2.1MB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: - Virtual size: 589KB

.rdata
Size: - Virtual size: 882KB

.data
Size: - Virtual size: 134KB

.vmp0
Size: - Virtual size: 985KB

.vmp1
Size: 2.1MB - Virtual size: 2.1MB

.rsrc
Size: 8KB - Virtual size: 5KB