valorant[.]exe

Resubmissions

22-02-2024 23:12

240222-26xt1agb81 7

22-02-2024 23:10

240222-252fssgf96 7

Sharing

Copy URL

Twitter E-mail

General

Target

valorant.exe
Size

5.8MB
MD5

75b18e45036c752516fc401f0d8c7a98
SHA1

6b8c68f9d70eaad3e8bc1bc6b10ae20c084bb66d
SHA256

b680ea2a1ef3ca14bf3fe9f657adf819a109bcb02b607ce718f2a464ccdc86f8
SHA512

c1b5084053260adda236ded53e30526784505130b65923f0fae900ea6991ec808927f3329afa27c9cc46e1ee91340f909499e736d1610d994d8b4dfd41f842e7
SSDEEP

98304:HnI2QLA8ZuXV6GWMQ5d4CwADwFLvjlER7NK2LpVBRasRUo0VWHf1rExFhL:Hnhh8ZuXlWMKKNy7NKcBRh0VWHf1rE7

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
valorant.exe

Files

valorant.exe
.exe windows:6 windows x64 arch:x64

Password: sasa

e53c8fc1f8bc2856440ac36978d356ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetLastError
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetWindowLongW
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

msvcp140

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

d3d9

Direct3DCreate9Ex

d3dx9_43

D3DXVec3Transform

dwmapi

DwmExtendFrameIntoClientArea

imm32

ImmSetCandidateWindow

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

_crt_atexit

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

_wcsicmp

api-ms-win-crt-convert-l1-1-0

atof

api-ms-win-crt-math-l1-1-0

sqrtf

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

wtsapi32

WTSSendMessageW

Sections

.text
Size: - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 937KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: sasa

e53c8fc1f8bc2856440ac36978d356ca

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp140

d3d9

d3dx9_43

dwmapi

imm32

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

wtsapi32

Sections

.text Size: - Virtual size: 358KB

.rdata Size: - Virtual size: 64KB

.data Size: - Virtual size: 937KB

.pdata Size: - Virtual size: 13KB

.vmp0 Size: - Virtual size: 3.4MB

.vmp1 Size: 5.8MB - Virtual size: 5.8MB

.reloc Size: 512B - Virtual size: 192B

.rsrc Size: 512B - Virtual size: 469B

.text
Size: - Virtual size: 358KB

.rdata
Size: - Virtual size: 64KB

.data
Size: - Virtual size: 937KB

.pdata
Size: - Virtual size: 13KB

.vmp0
Size: - Virtual size: 3.4MB

.vmp1
Size: 5.8MB - Virtual size: 5.8MB

.reloc
Size: 512B - Virtual size: 192B

.rsrc
Size: 512B - Virtual size: 469B