b4ed33b2da8feeb2734d98547e1a23e66ed3afb978e869837e557c1aa0c44c5d

Sharing

Copy URL Twitter E-mail

General

Target

b4ed33b2da8feeb2734d98547e1a23e66ed3afb978e869837e557c1aa0c44c5d
Size

1.0MB
MD5

628439e9ca4297d68950edba489b1616
SHA1

d18fb7208439f1ae7577361c4bb58ad5b7ea2083
SHA256

b4ed33b2da8feeb2734d98547e1a23e66ed3afb978e869837e557c1aa0c44c5d
SHA512

e28c593c70c9e16ae878f6f1554e162e3717a9b26625682be091154408690f41bcc145e69a942015a3ab40d211174a5ddb6fcdc7cbdb1c0b4b71965b8c16b05d
SSDEEP

24576:FljWgW2WidQZefBb4u6qxafdQZpWgW2W:FJWgW2WidQZs4gUdQZpWgW2W

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4ed33b2da8feeb2734d98547e1a23e66ed3afb978e869837e557c1aa0c44c5d

Files

b4ed33b2da8feeb2734d98547e1a23e66ed3afb978e869837e557c1aa0c44c5d
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!rc!
Size: 251KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 261KB - Virtual size: 15.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WEN
Size: 512B - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ROU
Size: 59KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Silvana
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 77KB - Virtual size: 80KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 6KB - Virtual size: 8KB

.!rc! Size: 251KB - Virtual size: 252KB

.vmp0 Size: 102KB - Virtual size: 104KB

.vmp1 Size: 261KB - Virtual size: 15.2MB

.WEN Size: 512B - Virtual size: 2.1MB

.ROU Size: 59KB - Virtual size: 92KB

.Silvana Size: 512B - Virtual size: 4KB

.rsrc Size: 260KB - Virtual size: 260KB

.text
Size: 77KB - Virtual size: 80KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 6KB - Virtual size: 8KB

.!rc!
Size: 251KB - Virtual size: 252KB

.vmp0
Size: 102KB - Virtual size: 104KB

.vmp1
Size: 261KB - Virtual size: 15.2MB

.WEN
Size: 512B - Virtual size: 2.1MB

.ROU
Size: 59KB - Virtual size: 92KB

.Silvana
Size: 512B - Virtual size: 4KB

.rsrc
Size: 260KB - Virtual size: 260KB