dc4abaf088b756bb05655c8016c4e59a9be95fb2935e72c48473aa37b0752e9c

Sharing

Copy URL Twitter E-mail

General

Target

dc4abaf088b756bb05655c8016c4e59a9be95fb2935e72c48473aa37b0752e9c
Size

1.0MB
MD5

cef08e651e5a3e6d6040999a63dbc64d
SHA1

0c699eccf0820eee6baf30cdc54e5b243fd991a2
SHA256

dc4abaf088b756bb05655c8016c4e59a9be95fb2935e72c48473aa37b0752e9c
SHA512

11f46a1fe47d74e961e37532b1a9c63498b990e24cfa76cc60c92eee2b43385e7be44351cf9d266706ae3b53c630b8edac3e3b1c16ad2e3c22c9bfb43f256d33
SSDEEP

24576:FljWgW2WidQZefBb4u6qxafdQZpWgW2W:FJWgW2WidQZs4gUdQZpWgW2W

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc4abaf088b756bb05655c8016c4e59a9be95fb2935e72c48473aa37b0752e9c

Files

dc4abaf088b756bb05655c8016c4e59a9be95fb2935e72c48473aa37b0752e9c
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!rc!
Size: 251KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 261KB - Virtual size: 15.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WEN
Size: 512B - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ROU
Size: 59KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Silvana
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 77KB - Virtual size: 80KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 6KB - Virtual size: 8KB

.!rc! Size: 251KB - Virtual size: 252KB

.vmp0 Size: 102KB - Virtual size: 104KB

.vmp1 Size: 261KB - Virtual size: 15.2MB

.WEN Size: 512B - Virtual size: 2.1MB

.ROU Size: 59KB - Virtual size: 92KB

.Silvana Size: 512B - Virtual size: 4KB

.rsrc Size: 260KB - Virtual size: 260KB

.text
Size: 77KB - Virtual size: 80KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 6KB - Virtual size: 8KB

.!rc!
Size: 251KB - Virtual size: 252KB

.vmp0
Size: 102KB - Virtual size: 104KB

.vmp1
Size: 261KB - Virtual size: 15.2MB

.WEN
Size: 512B - Virtual size: 2.1MB

.ROU
Size: 59KB - Virtual size: 92KB

.Silvana
Size: 512B - Virtual size: 4KB

.rsrc
Size: 260KB - Virtual size: 260KB