8e108e9b1972fa59993b9514f5dd17eb19ece1494026d24fcee1fb30e4b45af7

Sharing

Copy URL Twitter E-mail

General

Target

8e108e9b1972fa59993b9514f5dd17eb19ece1494026d24fcee1fb30e4b45af7
Size

2.7MB
MD5

f73fd9734b8e8d7540772a4bfacefb4a
SHA1

e81ac9588ff497bce4344b559398e16dbdba88cc
SHA256

8e108e9b1972fa59993b9514f5dd17eb19ece1494026d24fcee1fb30e4b45af7
SHA512

2624834eaa83cddcebee39853d7639ad876d3a0aa24a2a9a01f78e0b6d714a4fda4bdf22f5aea761f390a2ce6fb50a5f05289b13a6e0a649f509a9897b12489f
SSDEEP

49152:iewPNXdRdGGgAlN7DuhV+JCqCzEwZsRqy7gq+z0rLt2E:iekXdtL7jMqCA17gfqk

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e108e9b1972fa59993b9514f5dd17eb19ece1494026d24fcee1fb30e4b45af7

Files

8e108e9b1972fa59993b9514f5dd17eb19ece1494026d24fcee1fb30e4b45af7
.exe windows:4 windows x86 arch:x86

72e0ac121083a140d9bdf2c2b6f208b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamProperty

ws2_32

getpeername

kernel32

GetVersionExA
GetVersion
TlsAlloc
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

SetActiveWindow

gdi32

GetTextColor

winspool.drv

DocumentPropertiesA

advapi32

RegCreateKeyA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 876KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72e0ac121083a140d9bdf2c2b6f208b7

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

.text Size: - Virtual size: 876KB

.rdata Size: - Virtual size: 1.3MB

.data Size: - Virtual size: 350KB

.vmp0 Size: - Virtual size: 1.9MB

.vmp1 Size: 2.6MB - Virtual size: 2.6MB

.rsrc Size: 64KB - Virtual size: 77KB

.text
Size: - Virtual size: 876KB

.rdata
Size: - Virtual size: 1.3MB

.data
Size: - Virtual size: 350KB

.vmp0
Size: - Virtual size: 1.9MB

.vmp1
Size: 2.6MB - Virtual size: 2.6MB

.rsrc
Size: 64KB - Virtual size: 77KB