76ea33fb0fbcc1a664cf075d49a3f730 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76ea33fb0fbcc1a664cf075d49a3f730
Size

373KB
MD5

76ea33fb0fbcc1a664cf075d49a3f730
SHA1

04abbd0968c4b1a7cba8b70d7456fbcd01f502a2
SHA256

57dab752cdeaa77e4cbab8f1bf3f1b0e09bb34386195ca0cac0878cb0715b393
SHA512

ca2bb68331ebaa2faadb9fd321c3ea51cde63286bec31c2c2435bfbbd3fc59bda1de7a5be9469b10d5c38c5bf4e00fc226e8f50889d804b5a579a0603ea0ab17
SSDEEP

6144:FvKrnDrS+ZSYLdID0zQH6Y5c+8EJhhT1yAZTov7BFEft+Ey1ItTCcCgL:RUHHLKUQH6xDEzF5h8bEftx9CcCO

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76ea33fb0fbcc1a664cf075d49a3f730

Files

76ea33fb0fbcc1a664cf075d49a3f730
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 548KB - Virtual size: 544KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ