Summary | ZeroBOX

11f88c287b501abb341631221d59ef63089baa83faecbf222c3ba618e5f49456_sof64t.dll

VMProtect Malicious Library PE64 PE File DLL
Category FILE
Machine s1_win7_x6401
Started Aug. 18, 2023, 3:18 p.m.
Completed Aug. 18, 2023, 3:18 p.m.
Size 6.4MB
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 48514490face0a58cd5ea063e7de28e0
SHA256 11f88c287b501abb341631221d59ef63089baa83faecbf222c3ba618e5f49456
CRC32 CE9A0274
ssdeep 196608:NZwmQb62Pk1t+w69MCaSuxu70XSUAFTNknuFkJ:TW62Pk1t+JJuI70CbHe
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • VMProtect_Zero - VMProtect packed file
  • IsPE64 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .vmp0
section .vmp1
section .vmp1 (virtual_address 0x004b3000, virtual_size 0x0065ddc0, size_of_data 0x0065de00) entropy 7.93211001953 description A section with a high entropy has been found
entropy 0.999923312883 description Overall entropy of this PE file is high
section .vmp0 description Section name indicates VMProtect
section .vmp1 description Section name indicates VMProtect
Bkav W32.Common.6DEA0E3B
Lionic Trojan.Win32.Sybici.4!c
Elastic malicious (high confidence)
DrWeb BackDoor.Coroxy.1
MicroWorld-eScan Trojan.GenericKD.68625086
FireEye Generic.mg.48514490face0a58
CAT-QuickHeal Trojan.Agent
McAfee SystemBC!48514490FACE
Malwarebytes Trojan.Packed.VMP
Sangfor Trojan.Win32.Sybici.V19v
K7AntiVirus Trojan ( 0058cdab1 )
Alibaba Packed:Win64/VMProtect.47cb360d
K7GW Trojan ( 0058cdab1 )
CrowdStrike win/malicious_confidence_100% (W)
Arcabit Trojan.Generic.D41588E4
Cyren W64/ABRisk.YMQG-4238
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win64/Packed.VMProtect.L suspicious
APEX Malicious
Cynet Malicious (score: 100)
Kaspersky Trojan-Proxy.Win32.Sybici.aab
BitDefender Trojan.GenericKD.68625086
NANO-Antivirus Trojan.Win64.Coroxy.jybjhx
Avast Win64:MalwareX-gen [Trj]
Tencent Malware.Win32.Gencirc.13ebc917
Emsisoft Trojan.GenericKD.68625086 (B)
F-Secure Trojan.TR/Proxy.Sybici.cpdee
VIPRE Trojan.GenericKD.68520164
TrendMicro TROJ_GEN.R002C0RH823
McAfee-GW-Edition BehavesLike.Win64.Ctsinf.vc
Sophos Mal/VMProtBad-A
Webroot W32.Trojan.GenKD
Avira TR/Proxy.Sybici.cpdee
Antiy-AVL Trojan[Packed]/Win64.VMProtect
Gridinsoft Malware.Win64.Gen.bot
Microsoft Trojan:Win32/Casdet!rfn
ZoneAlarm Trojan-Proxy.Win32.Sybici.aab
GData Trojan.GenericKD.68625086
Google Detected
AhnLab-V3 Trojan/Win.MalwareX-gen.C5467121
ALYac Trojan.GenericKD.68520164
MAX malware (ai score=82)
VBA32 Backdoor.Coroxy
Cylance unsafe
Panda Trj/Chgt.AD
TrendMicro-HouseCall TROJ_GEN.R002C0RH823
Rising Trojan.Sybici!8.13338 (CLOUD)
MaxSecure Trojan.Malware.215557504.susgen
Fortinet PossibleThreat.ZDS
AVG Win64:MalwareX-gen [Trj]