VЕGАS Prо[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

VЕGАS Prо.exe
Size

101.7MB
MD5

cd5df5f6e86bdd5408d11b6204053c21
SHA1

ea20629b9db077aa6bfe46e16bd22bfdc580d380
SHA256

56f44707456eb8cfd4d7ab6c63c62015515a4a6154ff5e92e92e576b133003d1
SHA512

bf57afe5f6aa6a4affb3bb0a805399eda06d07e170a1d09804cf9b190f53a81d14bea07e421d0991c514e22af3a55077d3d8bf2eb5b7f12b7ad2725c9778448c
SSDEEP

1572864:GRWWlH8DHsD6tzKii6a3/1pY1rSVhFIYUT/zdylJMos/hhQ147FyixHX0w:GwHO53DTFIYUTZyl5ohQrMj

Score

7^/10

agilenet

Malware Config

Signatures

Obfuscated with Agile.Net obfuscator 1 IoCs
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
agilenet

Processes:

resource yara_rule

sample agile_net

resource	yara_rule
sample	agile_net

Files

VЕGАS Prо.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

Issuer

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

26-03-2019 17:44

Not After

22-03-2034 17:44

Subject

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6e:03:68:ff:c8:7f:26:f9:d1:3f:44:12:aa:a3:e9:15
Certificate

Issuer

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

22-03-2024 17:46

Not After

22-03-2025 17:46

Subject

SERIALNUMBER=858926-7,CN=Just Add Water Italian Pizza Bread Pasta Mix Ltd.,O=Just Add Water Italian Pizza Bread Pasta Mix Ltd.,L=Calgary,ST=Alberta,C=CA,1.3.6.1.4.1.311.60.2.1.3=#13024341,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5a:5a:ac:e8:1a:35:6e:b4:62:86:8d:57:7d:e0:3d:c7
Certificate

Issuer

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

19-02-2024 16:18

Not After

16-02-2034 16:18

Subject

CN=SSL.com Timestamping Unit 2024 E1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

13-11-2019 18:50

Not After

12-11-2034 18:50

Subject

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

34:c1:2b:be:0f:74:83:52:a9:fe:59:74:9f:ca:64:8e:98:89:9c:dd:f7:b2:bc:f1:60:f8:25:57:1d:02:ee:e6
Signer

Actual PE Digest

34:c1:2b:be:0f:74:83:52:a9:fe:59:74:9f:ca:64:8e:98:89:9c:dd:f7:b2:bc:f1:60:f8:25:57:1d:02:ee:e6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Admin\Desktop\projects\NewProjects\vegasclient1\WindowsFormsApp1\bin\Debug\Secured\V??G??S Pr??.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 101.4MB - Virtual size: 101.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 357KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04Certificate

Extended Key Usages

Key Usages

6e:03:68:ff:c8:7f:26:f9:d1:3f:44:12:aa:a3:e9:15Certificate

Extended Key Usages

Key Usages

5a:5a:ac:e8:1a:35:6e:b4:62:86:8d:57:7d:e0:3d:c7Certificate

Extended Key Usages

Key Usages

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56Certificate

Extended Key Usages

Key Usages

34:c1:2b:be:0f:74:83:52:a9:fe:59:74:9f:ca:64:8e:98:89:9c:dd:f7:b2:bc:f1:60:f8:25:57:1d:02:ee:e6Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 101.4MB - Virtual size: 101.4MB

.rsrc Size: 357KB - Virtual size: 357KB

.reloc Size: 512B - Virtual size: 12B

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

6e:03:68:ff:c8:7f:26:f9:d1:3f:44:12:aa:a3:e9:15
Certificate

5a:5a:ac:e8:1a:35:6e:b4:62:86:8d:57:7d:e0:3d:c7
Certificate

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

34:c1:2b:be:0f:74:83:52:a9:fe:59:74:9f:ca:64:8e:98:89:9c:dd:f7:b2:bc:f1:60:f8:25:57:1d:02:ee:e6
Signer

.text
Size: 101.4MB - Virtual size: 101.4MB

.rsrc
Size: 357KB - Virtual size: 357KB

.reloc
Size: 512B - Virtual size: 12B