Summary | ZeroBOX

TOP_2.4.6.vmp.exe

Malicious Packer VMProtect Malicious Library PE64 PE File
Category FILE
Machine s1_win7_x6401
Started Sept. 27, 2024, 1:32 p.m.
Completed Sept. 27, 2024, 1:50 p.m.
Size 6.6MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 b951897c49e0a8acb34ec45f7da6c3d1
SHA256 95d4d2f3e313169343f3392741b89cc5bd606bec02284ca9bbac2b5ee88aad0b
CRC32 C4B7A41A
ssdeep 98304:GMNZDYo4OvfSaHHlsTgle+Ubi4RJ/pxG3Xmtpru824qfMWbxLDi7GyLTpv:/Zll7OfCh86x5yB
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • VMProtect_Zero - VMProtect packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .vmp0
section .vmp1
section .vmp1 (size_of_data 0x0068d800, virtual_address 0x005f4000, virtual_size 0x0068d75c) entropy 7.936206096240543 description A section with a high entropy has been found
entropy 0.99985099091 description Overall entropy of this PE file is high
section .vmp0 description Section name indicates VMProtect
section .vmp1 description Section name indicates VMProtect
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.VMProtect.4!c
tehtris Generic.Malware
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win64.Generic.vc
ALYac Trojan.GenericKD.73946224
Cylance Unsafe
VIPRE Trojan.GenericKD.73946224
Sangfor Suspicious.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Trojan.GenericKD.73946224
K7GW Trojan ( 0058cdc71 )
K7AntiVirus Trojan ( 0058cdc71 )
Arcabit Trojan.Generic.D4685470
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/Packed.VMProtect.L suspicious
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
Alibaba Packed:Win64/VMProtect.500b2f98
MicroWorld-eScan Trojan.GenericKD.73946224
Emsisoft Trojan.GenericKD.73946224 (B)
F-Secure Heuristic.HEUR/AGEN.1366422
Zillya Trojan.VMProtect.Win64.19723
McAfeeD Real Protect-LS!B951897C49E0
Trapmine malicious.high.ml.score
CTX exe.trojan.vmprotect
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
FireEye Generic.mg.b951897c49e0a8ac
Google Detected
Avira HEUR/AGEN.1366422
Antiy-AVL GrayWare/Win32.Wacapew
Kingsoft Win32.Troj.Unknown.a
Microsoft PUA:Win32/Puwaders.C!ml
GData Trojan.GenericKD.73946224
Varist W64/VMProtBad.R.gen!Eldorado
AhnLab-V3 Trojan/Win.Generic.R663373
McAfee Artemis!B951897C49E0
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.3594755069
Ikarus Win32.Outbreak
TrendMicro-HouseCall TROJ_GEN.R002H09HU24
Fortinet Riskware/Application
AVG Win64:MalwareX-gen [Trj]
Paloalto generic.ml
alibabacloud VirTool:Win/Wacapew.C9nj