d700538c131ed2809cc927c14328ba3268c7529b7c87ede56e1aa8efbccb6ff0

Sharing

Copy URL Twitter E-mail

General

Target

d700538c131ed2809cc927c14328ba3268c7529b7c87ede56e1aa8efbccb6ff0
Size

922KB
MD5

b151e18423a2cbb82e6f2ce0819c4944
SHA1

a5300cf473f434f7410f68a733187151182622e5
SHA256

d700538c131ed2809cc927c14328ba3268c7529b7c87ede56e1aa8efbccb6ff0
SHA512

7f3708da7d1c2c0f84737de12e9c19ca3483a1cda012b03518dd030e6e0dd982ea905d00f892be1811480d8e811dd3d00755625b3ac1f69779495a30190b3538
SSDEEP

24576:pQ3WgW2WOmxHmY34t8Lf8hGkQLk1XqmxHVWgW2W:pQ3WgW2WOmxHma4tcct4YqmxHVWgW2W

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d700538c131ed2809cc927c14328ba3268c7529b7c87ede56e1aa8efbccb6ff0

Files

d700538c131ed2809cc927c14328ba3268c7529b7c87ede56e1aa8efbccb6ff0
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!rc!
Size: 249KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 233KB - Virtual size: 15.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WEN
Size: 512B - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ROU
Size: 41KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Silvana
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 46KB - Virtual size: 48KB

.rdata Size: 15KB - Virtual size: 16KB

.data Size: 3KB - Virtual size: 4KB

.!rc! Size: 249KB - Virtual size: 252KB

.vmp0 Size: 85KB - Virtual size: 88KB

.vmp1 Size: 233KB - Virtual size: 15.2MB

.WEN Size: 512B - Virtual size: 2.0MB

.ROU Size: 41KB - Virtual size: 60KB

.Silvana Size: 512B - Virtual size: 4KB

.rsrc Size: 246KB - Virtual size: 246KB

.text
Size: 46KB - Virtual size: 48KB

.rdata
Size: 15KB - Virtual size: 16KB

.data
Size: 3KB - Virtual size: 4KB

.!rc!
Size: 249KB - Virtual size: 252KB

.vmp0
Size: 85KB - Virtual size: 88KB

.vmp1
Size: 233KB - Virtual size: 15.2MB

.WEN
Size: 512B - Virtual size: 2.0MB

.ROU
Size: 41KB - Virtual size: 60KB

.Silvana
Size: 512B - Virtual size: 4KB

.rsrc
Size: 246KB - Virtual size: 246KB