VMX Private[.]exe

Resubmissions

19/03/2024, 13:27

240319-qqjrnada95 9

19/03/2024, 13:22

240319-qmmzxada24 9

18/03/2024, 19:59

240318-yqjewshf21 9

Sharing

Copy URL Twitter E-mail

General

Target

VMX Private.exe
Size

4.5MB
MD5

bd19f3045f0226c30b809b5e9cc5dbca
SHA1

658252ace8876bf624ea4bbdb385959ee05f99b6
SHA256

cd5e3e06731d3aaf9335dafeec49afbd45a9ec35d56052cc99d6c62153b1cf69
SHA512

998f2cb9ad50497ea3911946686b32bb213a59c71d73b48711b04d077b8e4ed4b601f63adfcde4caafdac89590dacf57d70d236be3d371a7878a11b6bae4cb44
SSDEEP

98304:xMrBrrh4Yk6NcTIM/hwdCmasBEl+yRwemvoohnN8sh+n/:xMrvtk6mTIo2aOKahnN83

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VMX Private.exe

Files

VMX Private.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 212KB - Virtual size: 212KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 2KB - Virtual size: 5KB

.pdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 512B - Virtual size: 304B

.imports Size: 2KB - Virtual size: 4KB

.themida Size: - Virtual size: 6.1MB

.boot Size: 4.2MB - Virtual size: 4.2MB

.text
Size: 212KB - Virtual size: 212KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 2KB - Virtual size: 5KB

.pdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 512B - Virtual size: 304B

.imports
Size: 2KB - Virtual size: 4KB

.themida
Size: - Virtual size: 6.1MB

.boot
Size: 4.2MB - Virtual size: 4.2MB