8309c1536bde90aab9e7584d4a99a4090bf6e0b17c47bf888657510f8259752b

Sharing

Copy URL

Twitter E-mail

General

Target

8309c1536bde90aab9e7584d4a99a4090bf6e0b17c47bf888657510f8259752b
Size

5.6MB
MD5

010e5c784bccdf680982618b0080fb1c
SHA1

df52c58199e9ed7992ced2e376a8a2fb515250b7
SHA256

8309c1536bde90aab9e7584d4a99a4090bf6e0b17c47bf888657510f8259752b
SHA512

34620f103adb462e58bd558123c7e4e08143ae31f63a30c757fca24bb1457efdbfd82666f4ddedc21ad317b884b23d0ec8d77f89c61d309c05f13ea80a0e0d1d
SSDEEP

98304:4aU2WbUWKQFkvnH0g9J6dfNWbJX5XbSe84Qe5fvgxC5mTnqwnliMwL1ksitCR:45XUWKP0g9sdf0zXecQ4vgxCovq1kh0

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8309c1536bde90aab9e7584d4a99a4090bf6e0b17c47bf888657510f8259752b

Files

8309c1536bde90aab9e7584d4a99a4090bf6e0b17c47bf888657510f8259752b
.exe windows:5 windows x86

1fa006b01c075e7b811be82cc225e139

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutRestart

ws2_32

WSAAsyncSelect

kernel32

GetVersionExA
GetVersion
SetHandleCount
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

AppendMenuA

gdi32

StartPage

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

OleUninitialize

oleaut32

VariantChangeType

comctl32

ImageList_Destroy

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 646KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 785B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fa006b01c075e7b811be82cc225e139

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

.text Size: - Virtual size: 646KB

.rdata Size: - Virtual size: 1.5MB

.data Size: - Virtual size: 320KB

.vmp0 Size: - Virtual size: 3.5MB

.vmp1 Size: 5.6MB - Virtual size: 5.6MB

.rsrc Size: 4KB - Virtual size: 785B

.text
Size: - Virtual size: 646KB

.rdata
Size: - Virtual size: 1.5MB

.data
Size: - Virtual size: 320KB

.vmp0
Size: - Virtual size: 3.5MB

.vmp1
Size: 5.6MB - Virtual size: 5.6MB

.rsrc
Size: 4KB - Virtual size: 785B