Behavioral task
behavioral1
Sample
4d9f86e82fe3e7ab2bba02535ce275ee.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
4d9f86e82fe3e7ab2bba02535ce275ee.exe
Resource
win10v2004-20231215-en
General
-
Target
4d9f86e82fe3e7ab2bba02535ce275ee
-
Size
627KB
-
MD5
4d9f86e82fe3e7ab2bba02535ce275ee
-
SHA1
78789119181b4572f81f2050bbd27a615ee0a55b
-
SHA256
e2db28c3c94396840a02e6c0366cad824cdf2599064602d3c866863d06fee793
-
SHA512
2fc75948ed731bebc19cd3fd53ee4faad36b8fa266fa482ba844d300b4624d83785b480fb5e70fbb24fef52f25ce0ec0bca483775c1dbb8b6560a4adedd060f1
-
SSDEEP
48:qa0L3E46FfKhjq+gHr7VAN4Pg7NCZcog/5R7uftaDuDL:tCEZfKh+THXqN4POUW/5R7JDuD
Malware Config
Signatures
-
resource yara_rule sample vmprotect -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4d9f86e82fe3e7ab2bba02535ce275ee
Files
-
4d9f86e82fe3e7ab2bba02535ce275ee.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: - Virtual size: 546KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp1 Size: 626KB - Virtual size: 625KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ