ba611731d071062ca8002bf354c61f7e15664e0a7ca5637672d12f104a93e8b6 | Triage

Sharing

General

Target

ba611731d071062ca8002bf354c61f7e15664e0a7ca5637672d12f104a93e8b6
Size

832KB
MD5

20ebf158382c116dbd00cbe3061e1702
SHA1

8787b1efd68c91aa0a958215b4c9f9f6155c40c3
SHA256

ba611731d071062ca8002bf354c61f7e15664e0a7ca5637672d12f104a93e8b6
SHA512

98eef8e931d1b8f52ae4c5b6c0be0a880a69fa0b8ce78f3abb38f279cb7ba019c85bf645c7195c8690c651ac24a074929b30abe6518277fdf159c9da144f20b5
SSDEEP

12288:Ku186E2LsZbP4s1Pul2OUoE4tnVFnszMRwoj7NZWabvi0ZWazOKkKy4gZv4BilqD:KisNQxVFns47NZLziVbKXgZvSiYRx

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba611731d071062ca8002bf354c61f7e15664e0a7ca5637672d12f104a93e8b6

Files

ba611731d071062ca8002bf354c61f7e15664e0a7ca5637672d12f104a93e8b6
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 685KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ