4e03dd9d015447a3048f959269ba7c76 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e03dd9d015447a3048f959269ba7c76
Size

276KB
MD5

4e03dd9d015447a3048f959269ba7c76
SHA1

47c9730720a9a1c8f2482e0a74584324332ca28a
SHA256

f350595d2630de15d8812479f78528d1322d7e776a686e429daea9e765cae108
SHA512

49b1d1ebc70c4ae376ee1686c4cf202a48e04f5edfcb0599e1287872c4649811b7f6fd43d85f47a61678c61d5b00cf58afa459641f03dd189c0f5a8db5f8e6b7
SSDEEP

6144:+V6mygAaHqJefAt1bC5gNIGHbcQl01qqVud1vLQ9w5Ede5:nmygDHqJe4t1W5gN5IfZVud1jgw5h

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e03dd9d015447a3048f959269ba7c76

Files

4e03dd9d015447a3048f959269ba7c76
.dll windows:6 windows x86 arch:x86

b2d049edd138647910440c77305a14b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

Exports

Exports

Log
Logvido
RecordExceptionInfo

Sections

.text
Size: - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ