ac8cc851ef3b7f93e6c768114a66da892f3da1ab6dc315295b9b68c5525dcca2

Sharing

Copy URL

Twitter E-mail

General

Target

ac8cc851ef3b7f93e6c768114a66da892f3da1ab6dc315295b9b68c5525dcca2
Size

1.8MB
MD5

b369b12897c86e1aa0695c68afcc02f2
SHA1

f5a04b7de223e92f1d2f394a7a4643895871eb27
SHA256

ac8cc851ef3b7f93e6c768114a66da892f3da1ab6dc315295b9b68c5525dcca2
SHA512

eae5e1fc462d043baa9defd45ee7d5ca77d7d6a92cb093d46dddcaab62ca2bfd6deaa244de9c1616c7c7109874fdc61fa78bfadb1436f0ab0d61ed26599d63df
SSDEEP

24576:XKjVECbWaHx6158T5GjnPYsLaaRKLM4LcvcJHiNj/NFhDth1LpBNyL+8JrIieN:XpCba158FG8gjKLM4LTCNbhbhNyL9RM

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac8cc851ef3b7f93e6c768114a66da892f3da1ab6dc315295b9b68c5525dcca2

Files

ac8cc851ef3b7f93e6c768114a66da892f3da1ab6dc315295b9b68c5525dcca2
.exe windows x86

79b2446b3a0222b4311bbc4f04b83655

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

winmm

midiStreamProperty

ws2_32

ioctlsocket

kernel32

GetVersionExA
GetVersion
SetUnhandledExceptionFilter
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetForegroundWindow

gdi32

CombineRgn

winspool.drv

ClosePrinter

comdlg32

ChooseColorA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ord17

Sections

.text
Size: - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79b2446b3a0222b4311bbc4f04b83655

Headers

File Characteristics

Imports

msvfw32

avifil32

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: - Virtual size: 687KB

.rdata Size: - Virtual size: 199KB

.data Size: - Virtual size: 367KB

.vmp0 Size: - Virtual size: 1.0MB

.vmp1 Size: 1.6MB - Virtual size: 1.6MB

.rsrc Size: 196KB - Virtual size: 194KB

.text
Size: - Virtual size: 687KB

.rdata
Size: - Virtual size: 199KB

.data
Size: - Virtual size: 367KB

.vmp0
Size: - Virtual size: 1.0MB

.vmp1
Size: 1.6MB - Virtual size: 1.6MB

.rsrc
Size: 196KB - Virtual size: 194KB