Overview

overview

7

Static

static

3

VMProtect ...K32.so

ubuntu-24.04-amd64

1

VMProtect ...K64.so

ubuntu-24.04-amd64

1

VMProtect ....dylib

macos-10.15-amd64

1

VMProtect ...DK.dll

windows7-x64

1

VMProtect ...DK.dll

windows10-2004-x64

1

VMProtect ...32.dll

windows7-x64

3

VMProtect ...32.dll

windows10-2004-x64

3

VMProtect ...64.dll

windows7-x64

1

VMProtect ...64.dll

windows10-2004-x64

1

VMProtect ...32.dll

windows7-x64

3

VMProtect ...32.dll

windows10-2004-x64

3

VMProtect ...64.dll

windows7-x64

1

VMProtect ...64.dll

windows10-2004-x64

1

VMProtect ...ct.exe

windows7-x64

5

VMProtect ...ct.exe

windows10-2004-x64

5

VMProtect ...on.exe

windows7-x64

5

VMProtect ...on.exe

windows10-2004-x64

5

VMProtect ...32.dll

windows7-x64

3

VMProtect ...32.dll

windows10-2004-x64

3

VMProtect ...64.dll

windows7-x64

7

VMProtect ...64.dll

windows10-2004-x64

7

VMProtect ...00.exe

windows7-x64

7

VMProtect ...00.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9uSgxgRm.zip

  • Size

    52.9MB

  • MD5

    d1a0fdb9d7ce8c8f5625d6234bd421d5

  • SHA1

    795eff712631ad5d6795212550e649d590805124

  • SHA256

    1ad3cb82fa8909346107c1731bc1a7998967db7d6bd889d3b04cdfa6a97cf4ce

  • SHA512

    8ab6f0406aec0959d1410ec5cdf98e1aae7111d5c64ccb9ec55fece2e2d6dbef55c6dce2966b721961a6f2bad6516de48a4b5b08a3b28efb1887f5213f62e954

  • SSDEEP

    786432:1qhp4lrFnKRqYFtAEIPDNlxGw/owf1Peqkb7pNZQ3fQm1X4sid1NEkRpR74CJ5vP:1yoYqYf9svWbtQ3fQGkQk714q56C

Score
3/10

Malware Config

Signatures

  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • 9uSgxgRm.zip
    .zip
  • VMProtect 3.8.1/Help/.en/_23.cfs
  • VMProtect 3.8.1/Help/.en/deletable
  • VMProtect 3.8.1/Help/.en/segments
  • VMProtect 3.8.1/Help/.ru/_23.cfs
  • VMProtect 3.8.1/Help/.ru/deletable
  • VMProtect 3.8.1/Help/.ru/segments
  • VMProtect 3.8.1/Help/en.qch
  • VMProtect 3.8.1/Help/en.qhc
  • VMProtect 3.8.1/Help/ru.qch
  • VMProtect 3.8.1/Help/ru.qhc
  • VMProtect 3.8.1/Include/ASM/VMProtectSDK.inc
  • VMProtect 3.8.1/Include/C/VMProtectDDK.h
  • VMProtect 3.8.1/Include/C/VMProtectSDK.h
  • VMProtect 3.8.1/Include/Pascal/VMProtectSDK.pas
  • VMProtect 3.8.1/Include/VB6/VMProtectSDK.bas
  • VMProtect 3.8.1/Langs/en.lng
  • VMProtect 3.8.1/Langs/fr.lng
  • VMProtect 3.8.1/Langs/ru.lng
  • VMProtect 3.8.1/Langs/zh.lng
  • VMProtect 3.8.1/Lib/Linux/libVMProtectSDK32.so
    .elf linux x86
  • VMProtect 3.8.1/Lib/Linux/libVMProtectSDK64.so
    .elf linux x64
  • VMProtect 3.8.1/Lib/OSX/libVMProtectSDK.dylib
    .dylib macos arch:x64 arch:x86
  • VMProtect 3.8.1/Lib/Windows/BCC64ELF/VMProtectSDK64.lib
  • VMProtect 3.8.1/Lib/Windows/MinGW/VMProtectSDK32.a
  • VMProtect 3.8.1/Lib/Windows/MinGW/VMProtectSDK64.a
  • VMProtect 3.8.1/Lib/Windows/Net/VMProtect.SDK.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • VMProtect 3.8.1/Lib/Windows/OMF/VMProtectSDK32.lib
  • VMProtect 3.8.1/Lib/Windows/VMProtectDDK32.lib
  • VMProtect 3.8.1/Lib/Windows/VMProtectDDK32.sys
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • VMProtect 3.8.1/Lib/Windows/VMProtectDDK64.lib
  • VMProtect 3.8.1/Lib/Windows/VMProtectDDK64.sys
    .dll windows:5 windows x64 arch:x64


    Headers

    Exports

    Sections

  • VMProtect 3.8.1/Lib/Windows/VMProtectSDK32.dll
    .dll windows:5 windows x86 arch:x86

    b9f19b4d3ce951c4ff6196681bbb3439


    Headers

    Imports

    Exports

    Sections

  • VMProtect 3.8.1/Lib/Windows/VMProtectSDK32.lib
  • VMProtect 3.8.1/Lib/Windows/VMProtectSDK64.dll
    .dll windows:5 windows x64 arch:x64

    1851ff453adce0cef5274e320d5bed3c


    Headers

    Imports

    Exports

    Sections

  • VMProtect 3.8.1/Lib/Windows/VMProtectSDK64.lib
  • VMProtect 3.8.1/VMProtect.exe
    .exe windows:5 windows x64 arch:x64

    9c47ed052a84ae44bb9907f5d4d1498c


    Code Sign

    Headers

    Imports

    Sections

  • VMProtect 3.8.1/VMProtect_Con.exe
    .exe windows:5 windows x64 arch:x64

    5a949bbc7867b0b40374220bf52d6bda


    Code Sign

    Headers

    Imports

    Sections

  • VMProtect 3.8.1/VMProtect_Ext32.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    159cd5e2ffb2c4163d0a69529aa7918a


    Headers

    Imports

    Exports

    Sections

  • VMProtect 3.8.1/VMProtect_Ext64.dll
    .dll regsvr32 windows:5 windows x64 arch:x64

    1b73bdc4fccd1329501f72bf5ae9ff16


    Headers

    Imports

    Exports

    Sections

  • VMProtect 3.8.1/unins000.dat
  • VMProtect 3.8.1/unins000.exe
    .exe windows:5 windows x86 arch:x86

    f62b90e31eca404f228fcf7068b00f31


    Headers

    Imports

    Sections