22a4e3fe84c4bb3e79b289ac053c77d1 | Triage

Sharing

General

Target

22a4e3fe84c4bb3e79b289ac053c77d1
Size

1.9MB
MD5

22a4e3fe84c4bb3e79b289ac053c77d1
SHA1

7fe44f740fb2eaf7ffb85520e06e4149fa443d84
SHA256

f14c125600acad1e6aa330deb5aca520f3fa83e747d2e094d4a337e83b413da5
SHA512

86d6e0ac0613f33b47e59f2c8f9fa8d7bf34b3bfd41bb655e6fb39e133e7d4ee2183c95852edaf173a1e6a089943355c87f17a297672f07db5b56a422ecc769c
SSDEEP

24576:C3q4nvYveRLfRq3hwwy8nCAlmd/l/hAot8rhhUF54clNf7+6uHAW92zt/sWu2BSW:74nQe5qWGYlZA88to54clgLH+tkWJ0

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs
Detects executables packed with VMProtect commercial packer.
vmprotect

Processes:

resource yara_rule

sample vmprotect
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

22a4e3fe84c4bb3e79b289ac053c77d1

Files

22a4e3fe84c4bb3e79b289ac053c77d1
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ