5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c

General

Target

5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c
Size

1.7MB
MD5

9cc57053aeb66459446b8cb009919424
SHA1

3c4dd5d161de981cdd187e6b14b32f78a5f90d8b
SHA256

5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c
SHA512

103812d1d9759bdf87f222e423272832f1a68af8a6385c74adc7f48468c3d8f93b5225b8fd95694889b92fa19dc98048770e982a708b9f4b58efdcdda4085fd5
SSDEEP

24576:feaPqgd8w2lvQH1aTL5r/3XPMNKqseXTOC3USZY1zj+nmghjpv7vVPgw6NYdX385:mvgdQlYILl3XPc0eXTL3GzEhjp7v7X9

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c

Files

5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c
.exe windows:4 windows x86 arch:x86

53a4bc4cbe81248ff7e281d12ac06b85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiOutReset

ws2_32

WSAStartup

kernel32

lstrcpyA
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

DeleteMenu

gdi32

ScaleWindowExtEx

advapi32

RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

comdlg32

GetFileTitleA

Sections

.text
Size: - Virtual size: 669KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

53a4bc4cbe81248ff7e281d12ac06b85

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

.text Size: - Virtual size: 669KB

.rdata Size: - Virtual size: 97KB

.data Size: - Virtual size: 316KB

.rsrc Size: 14KB - Virtual size: 29KB

.vmp0 Size: - Virtual size: 1.1MB

.vmp1 Size: 1.6MB - Virtual size: 1.6MB

.text
Size: - Virtual size: 669KB

.rdata
Size: - Virtual size: 97KB

.data
Size: - Virtual size: 316KB

.rsrc
Size: 14KB - Virtual size: 29KB

.vmp0
Size: - Virtual size: 1.1MB

.vmp1
Size: 1.6MB - Virtual size: 1.6MB