83d30df3283d8ad2204ee3e8ee0f2032dba656e3888388ae7b6fd6d5fa9fdca2

Sharing

Copy URL Twitter E-mail

General

Target

83d30df3283d8ad2204ee3e8ee0f2032dba656e3888388ae7b6fd6d5fa9fdca2
Size

524KB
MD5

9e133026d4b8ada47b478464f75ac21d
SHA1

458a729b0e4c592c3dea9be98b2e38decfc4398c
SHA256

83d30df3283d8ad2204ee3e8ee0f2032dba656e3888388ae7b6fd6d5fa9fdca2
SHA512

7cccdf1bda0077f2aaa1c55212baa929ac6ecad38ac4d9d497b35ab4672c3d9ebdb353d8a3ba3055a6dfd60812910ec1bf6f4107cb1af11791193b7c67af998b
SSDEEP

12288:j3ywUrv2Pivw6MQpb8XCgpIKe0/vleo7GnD1nK8cENbmu:j3DUrOPJgbOpxrlRQDrrIu

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83d30df3283d8ad2204ee3e8ee0f2032dba656e3888388ae7b6fd6d5fa9fdca2

Files

83d30df3283d8ad2204ee3e8ee0f2032dba656e3888388ae7b6fd6d5fa9fdca2
.dll windows:4 windows x86 arch:x86

07524c285bd080fcd1410156dac03efe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

MessageBoxA

comdlg32

GetFileTitleA

advapi32

RegisterServiceCtrlHandlerA

ole32

CoCreateInstance

oleaut32

SafeArrayGetUBound

wininet

InternetConnectA

shlwapi

PathFileExistsA

wtsapi32

WTSQueryUserToken

userenv

CreateEnvironmentBlock

msvcrt

calloc

shell32

SHGetSpecialFolderPathA

Exports

Exports

BR_Send
BR_SetSvrAckHandler
BR_SetSvrIP
BR_UserInit

Sections

.text
Size: - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 512KB - Virtual size: 509KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07524c285bd080fcd1410156dac03efe

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

oleaut32

wininet

shlwapi

wtsapi32

userenv

msvcrt

shell32

Exports

Exports

Sections

.text Size: - Virtual size: 105KB

.rdata Size: - Virtual size: 6KB

.data Size: - Virtual size: 97KB

.vmp0 Size: - Virtual size: 404KB

.vmp1 Size: 512KB - Virtual size: 509KB

.reloc Size: 4KB - Virtual size: 188B

.rsrc Size: 4KB - Virtual size: 716B

.text
Size: - Virtual size: 105KB

.rdata
Size: - Virtual size: 6KB

.data
Size: - Virtual size: 97KB

.vmp0
Size: - Virtual size: 404KB

.vmp1
Size: 512KB - Virtual size: 509KB

.reloc
Size: 4KB - Virtual size: 188B

.rsrc
Size: 4KB - Virtual size: 716B