Behavioral task
behavioral1
Sample
ce237e7535c173a83a4e80c001eb0bc872a1af60d83b5d16b576f90f7a87430b.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
ce237e7535c173a83a4e80c001eb0bc872a1af60d83b5d16b576f90f7a87430b.exe
Resource
win10v2004-20230915-en
General
-
Target
ce237e7535c173a83a4e80c001eb0bc872a1af60d83b5d16b576f90f7a87430b
-
Size
13.6MB
-
MD5
d8e5b0c63b48aabaaa09bf021e2327cd
-
SHA1
a66f23a8e67739bf1c66e9f253a0d8047e090f68
-
SHA256
ce237e7535c173a83a4e80c001eb0bc872a1af60d83b5d16b576f90f7a87430b
-
SHA512
50b4f810c255ebdbe8a512fe594eda9a86e85554e71960c5294867133414190d774efadf4f4c9d81b7491c987fc242aa2955c7d24be28f232c97daf4a6c77b02
-
SSDEEP
393216:p/B/eaHV7J5b0dvw8g0aAYubERx75JpUDl:TegJnboZ7Ez6D
Malware Config
Signatures
-
YARA rule match: vmprotect — the sample matched the VMProtect packer rule (consistent with the .vmp0 and .vmp1 sections listed under Sections below, which together hold most of the file).
Unsigned PE — 1 IoC
The PE carries no Authenticode signature, so its publisher cannot be verified.
resource ce237e7535c173a83a4e80c001eb0bc872a1af60d83b5d16b576f90f7a87430b
Files
-
ce237e7535c173a83a4e80c001eb0bc872a1af60d83b5d16b576f90f7a87430b.exe windows:6 windows x64
a9ba0c83022c0c6ca2c45f599db89da3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED (base relocations removed; IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is absent from the DLL Characteristics above, so the image cannot be relocated for ASLR)
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
ws2_32
getaddrinfo
WSAAddressToStringW
connect
freeaddrinfo
WSAGetLastError
WSACleanup
WSAStartup
socket
sendto
send
select
recvfrom
closesocket
ioctlsocket
recv
setupapi
SetupDiOpenDevRegKey
SetupDiGetDeviceRegistryPropertyW
SetupDiClassGuidsFromNameW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
kernel32
GetPrivateProfileStringW
WritePrivateProfileStringW
GetDiskFreeSpaceW
GetTempFileNameW
ReplaceFileW
GetUserDefaultLCID
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
GetAtomNameW
GlobalFlags
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
SetErrorMode
GetCurrentDirectoryW
GetProfileIntW
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
ResumeThread
SuspendThread
CreateEventW
SetEvent
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetShortPathNameW
IsValidLocale
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
GlobalGetAtomNameW
GetPrivateProfileIntW
GetCurrentProcessId
lstrcmpA
CompareStringW
OutputDebugStringW
FormatMessageA
GetStringTypeW
LCMapStringEx
GetLocaleInfoEx
CompareStringEx
GetCPInfo
RtlUnwindEx
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
GetSystemInfo
VirtualAlloc
VirtualQuery
CreateThread
ExitThread
FreeLibraryAndExitThread
SetStdHandle
GetFileType
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetProcAddress
GetModuleHandleW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
CopyFileW
FormatMessageW
LocalFree
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetStdHandle
ExitProcess
GetDateFormatW
GetTimeFormatW
LCMapStringW
LoadLibraryW
GetModuleHandleExW
CompareStringA
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
SetThreadPriority
CreateSemaphoreW
Sleep
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
DecodePointer
lstrcpyW
ReleaseSemaphore
GetTickCount
GlobalSize
GlobalReAlloc
GetLocalTime
SetCommTimeouts
SetCommState
PurgeComm
GetCommState
SetupComm
ClearCommError
GetTickCount64
CloseHandle
WriteFile
ReadFile
CreateFileW
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetLastError
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
MultiByteToWideChar
SizeofResource
LockResource
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
WriteConsoleW
RtlVirtualUnwind
RtlUnwind
GetVersionExW
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlsSetValue
GetCommandLineA
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
InitializeCriticalSectionAndSpinCount
user32
NotifyWinEvent
DrawFocusRect
SetParent
DeleteMenu
GetSystemMenu
WaitMessage
TranslateMessage
GetMessageW
RegisterClipboardFormatW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
DestroyIcon
InsertMenuItemW
DestroyMenu
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
GetWindowDC
GetWindowThreadProcessId
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
EqualRect
MessageBoxW
AdjustWindowRectEx
CharUpperW
GetPropW
SetPropW
ShowScrollBar
SetScrollRange
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
CallWindowProcW
SetWindowRgn
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindow
GetWindowTextLengthW
GetWindowTextW
SetFocus
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringW
UnregisterClassA
SendDlgItemMessageA
GetDlgCtrlID
LoadImageW
UnregisterClassW
GetSubMenu
EnableMenuItem
CheckMenuItem
LoadMenuW
SetWindowLongW
PostQuitMessage
ShowOwnedPopups
GetMenuItemInfoW
DestroyCursor
GetSysColorBrush
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
GetWindowLongW
IsZoomed
IsIconic
WindowFromPoint
MapDialogRect
GetDialogBaseUnits
GetKeyNameTextW
MapVirtualKeyW
UnionRect
PostThreadMessageW
GetDCEx
LockWindowUpdate
RemovePropW
ClientToScreen
IsWindowVisible
GetDoubleClickTime
GetParent
IntersectRect
InvertRect
ClipCursor
ScreenToClient
GetCursorPos
TabbedTextOutW
GrayStringW
DrawTextExW
GetSystemMetrics
KillTimer
GetCapture
GetKeyState
GetFocus
IsClipboardFormatAvailable
IsWindow
PostMessageW
GetMessagePos
FrameRect
DrawTextW
SystemParametersInfoW
GetDC
SetTimer
GetTabbedTextExtentW
wsprintfW
GetScrollRange
GetScrollPos
SetScrollPos
SetRectEmpty
LoadCursorW
IsRectEmpty
CopyRect
GetSysColor
ChildWindowFromPoint
SetCursor
ReleaseDC
UpdateWindow
ReleaseCapture
SetCapture
GetClassInfoW
RegisterClassW
DefWindowProcW
DrawEdge
SetRect
OffsetRect
InflateRect
FillRect
PtInRect
GetWindowRect
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MapWindowPoints
GetClientRect
InvalidateRect
SendMessageW
EnableWindow
DrawIcon
InSendMessage
SendNotifyMessageW
CreateMenu
CopyAcceleratorTableW
GetMessageTime
WindowFromDC
UnhookWindowsHookEx
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW
GetProcessWindowStation
gdi32
CreatePen
CreateSolidBrush
Rectangle
BitBlt
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
GetClipRgn
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
MoveToEx
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
DeleteObject
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
GetMapMode
SetRectRgn
DPtoLP
SetAbortProc
GetCharWidthW
StretchDIBits
GetViewportOrgEx
CreateEllipticRgn
LPtoDP
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
GetTextFaceW
EnumFontFamiliesExW
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
GetClipBox
ExcludeClipRect
ExtTextOutW
GetTextExtentPoint32W
SetGraphicsMode
SetMapperFlags
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
SetWindowOrgEx
GetCurrentPositionEx
CreateRectRgn
CreatePatternBrush
CreateDIBPatternBrushPt
SetTextColor
SetBkColor
CreateBitmap
CreateDCW
CopyMetaFileW
GetTextColor
GetTextMetricsW
PatBlt
TextOutW
RectVisible
PtVisible
GetBkColor
Escape
GetCurrentObject
CreateFontIndirectW
CreateHatchBrush
Polygon
Ellipse
PolyBezier
Polyline
ExtCreatePen
GetObjectW
AbortDoc
EndPage
StartPage
EndDoc
StartDocW
CreateDIBSection
SelectObject
GetStockObject
GetDeviceCaps
DeleteDC
CreateFontW
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectType
msimg32
GradientFill
winspool.drv
GetJobW
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegEnumKeyExW
SetFileSecurityW
GetFileSecurityW
RegDeleteValueW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumValueW
shell32
ShellExecuteW
DragQueryFileW
DragFinish
SHGetFileInfoW
ExtractIconW
SHAddToRecentDocs
DragAcceptFiles
comctl32
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_Draw
shlwapi
StrToIntW
SHDeleteKeyW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
uxtheme
DrawThemeText
IsAppThemed
GetThemePartSize
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
ole32
CoDisconnectObject
StringFromGUID2
OleRun
CLSIDFromProgID
CLSIDFromString
PropVariantCopy
CoInitialize
CoCreateGuid
CoRevokeClassObject
CoRegisterClassObject
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
OleUninitialize
OleInitialize
CreateFileMoniker
OleCreate
CoRegisterMessageFilter
CreateStreamOnHGlobal
OleRegGetMiscStatus
OleRegEnumVerbs
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
StgIsStorageFile
OleTranslateAccelerator
IsAccelerator
StgCreateDocfile
StgOpenStorage
CoGetClassObject
CoFreeUnusedLibraries
CoCreateInstance
CoInitializeEx
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
StgCreateDocfileOnILockBytes
WriteClassStm
CreateDataAdviseHolder
CreateGenericComposite
CreateItemMoniker
OleSaveToStream
CreateOleAdviseHolder
CoLockObjectExternal
GetRunningObjectTable
OleIsRunning
CoGetMalloc
GetHGlobalFromILockBytes
OleQueryCreateFromData
OleQueryLinkFromData
DoDragDrop
StgOpenStorageOnILockBytes
OleSetMenuDescriptor
OleGetIconOfClass
OleLockRunning
OleSetContainedObject
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
CreateILockBytesOnHGlobal
oleaut32
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
SysReAllocStringLen
SysStringLen
VariantCopy
VariantChangeType
VariantInit
SysAllocStringByteLen
SystemTimeToVariantTime
SysStringByteLen
SysAllocString
VariantClear
SysFreeString
SysAllocStringLen
VarUdateFromDate
VariantTimeToSystemTime
SafeArrayGetUBound
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromScan0
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
wtsapi32
WTSSendMessageW
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 596KB - Virtual size: 596KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 388KB - Virtual size: 388KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: 4.0MB - Virtual size: 4.0MB (VMProtect section; with .vmp1 it accounts for roughly 10.6MB of the 13.6MB file)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 6.6MB - Virtual size: 6.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.l1 Size: 39KB - Virtual size: 39KB (code section flagged both writable and executable — RWX, per the flags below)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE