760151a27e5dddc5413c93ccd66a43987b7e834f57cf69f0e6e3cfebc7d81995

Sharing

Copy URL Twitter E-mail

General

Target

760151a27e5dddc5413c93ccd66a43987b7e834f57cf69f0e6e3cfebc7d81995
Size

10.8MB
MD5

9573a7fc01bbbacf2b33f21e62019143
SHA1

bfc30a32ba6388df1f86ffe8ca5f6444b5f50ff2
SHA256

760151a27e5dddc5413c93ccd66a43987b7e834f57cf69f0e6e3cfebc7d81995
SHA512

f73da4d39c0b077edea285066f8024731288ee336d0e81b8f29c2e468509131933be55dad8a11e54860c8768bfd913b698965c3f820001f383292aec26d5573c
SSDEEP

196608:VfMBEX11DQgj5r/6XcMWVDL3Oqr9nGop3y/lFzW:VEivQiJlMWVXO22lM

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
760151a27e5dddc5413c93ccd66a43987b7e834f57cf69f0e6e3cfebc7d81995

Files

760151a27e5dddc5413c93ccd66a43987b7e834f57cf69f0e6e3cfebc7d81995
.exe windows:5 windows x86

e5e4f0f0d1434ded59298389b46605f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamRestart

ws2_32

getpeername

kernel32

GetVersionExA
GetVersion
HeapSize
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

TranslateAcceleratorA

gdi32

CreatePalette

winspool.drv

DocumentPropertiesA

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

comdlg32

GetFileTitleA

Sections

.text
Size: - Virtual size: 846KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 680KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 10.4MB - Virtual size: 10.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5e4f0f0d1434ded59298389b46605f6

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

.text Size: - Virtual size: 846KB

.rdata Size: - Virtual size: 680KB

.data Size: - Virtual size: 377KB

.vmp0 Size: - Virtual size: 8.9MB

.vmp1 Size: 10.4MB - Virtual size: 10.4MB

.rsrc Size: 364KB - Virtual size: 361KB

.text
Size: - Virtual size: 846KB

.rdata
Size: - Virtual size: 680KB

.data
Size: - Virtual size: 377KB

.vmp0
Size: - Virtual size: 8.9MB

.vmp1
Size: 10.4MB - Virtual size: 10.4MB

.rsrc
Size: 364KB - Virtual size: 361KB