186f71b688e1238160861ebff6aff0d5

General

Target

186f71b688e1238160861ebff6aff0d5
Size

193KB
MD5

186f71b688e1238160861ebff6aff0d5
SHA1

bea4aae68c8cb0a91978762ddc9f16a47058c827
SHA256

5853a7ef7c79db623e38f6c43d0562fa6ca5670a1076cbdf0cb14dc851e662d4
SHA512

82b952ea465d6955adf57f4e76182d8af965910e24486bde39e0049c53146251ca9b02e7b5d77b5678ab1586b03b96296ec83043249a32a2e67b3168e1138b3f
SSDEEP

3072:PvdKUu5tqTYtkl5lMfv93BBfkVVcRCMqNVpsxvu1a21PfWMdhUThwSFOisgpo+1o:3ukVMNsVgC9rqvHQGMdh7sohoo

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
186f71b688e1238160861ebff6aff0d5

Files

186f71b688e1238160861ebff6aff0d5
.exe windows:4 windows x86 arch:x86

74acad1f3de23bdb286636a91fff9461

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetProcAddress
VirtualProtect

msvcrt

??3@YAXPAX@Z

user32

MessageBoxA

Sections

00000000
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

33333333
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

333
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

222
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

111
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74acad1f3de23bdb286636a91fff9461

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

00000000 Size: - Virtual size: 2KB

33333333 Size: - Virtual size: 10KB

333 Size: - Virtual size: 1KB

222 Size: - Virtual size: 3KB

111 Size: - Virtual size: 1KB

.rsrc Size: 52KB - Virtual size: 154KB

.vmp0 Size: - Virtual size: 58KB

.vmp1 Size: 140KB - Virtual size: 139KB

.reloc Size: 512B - Virtual size: 104B

00000000
Size: - Virtual size: 2KB

33333333
Size: - Virtual size: 10KB

333
Size: - Virtual size: 1KB

222
Size: - Virtual size: 3KB

111
Size: - Virtual size: 1KB

.rsrc
Size: 52KB - Virtual size: 154KB

.vmp0
Size: - Virtual size: 58KB

.vmp1
Size: 140KB - Virtual size: 139KB

.reloc
Size: 512B - Virtual size: 104B