General
-
Target
6723e32d12d54478a38811fb1b820708
-
Size
176KB
-
MD5
6723e32d12d54478a38811fb1b820708
-
SHA1
bb9aaf48b3ff7bdb46b182213cf2b07502070fa5
-
SHA256
12e6b5ea96421820a602720dfb493507a592343c193be471704db1e6f4d26162
-
SHA512
069c2d79377fcd47d09c89849bd4e4098416f0786d9904e2f08e3de276b18d8d6637f6b92c89fb06de655b05b9e0bbe00bbdd254dc5e26ea66e07ce84eefd56d
-
SSDEEP
1536:ttjjpoRXsaqFlNZPcQ2W600Ha82ZAnoe6H1Oq/WNELmZ+JXd+8j:tBpEcaqD0Q2WHgajAnD6Eq/WKLBXh
Malware Config
Signatures
-
resource yara_rule sample vmprotect -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6723e32d12d54478a38811fb1b820708
Files
-
6723e32d12d54478a38811fb1b820708.sys windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 356B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: - Virtual size: 1012B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: - Virtual size: 123KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp2 Size: 175KB - Virtual size: 174KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 224B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ