Summary | ZeroBOX

espsemhvci.exe

VMProtect Malicious Library PE64 PE File
Category FILE
Machine s1_win7_x6403_us
Started Oct. 26, 2024, 5:18 p.m.
Completed Oct. 26, 2024, 5:39 p.m.
Size 12.0MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 63e75bcd85dc3b33ab22eccb2aaa41fb
SHA256 e16756104c0865ae99de300b332169d2b8665c0cb381dc5316e8286b10d7a8cf
CRC32 C35E03F1
ssdeep 393216:HKL7n4U5LaaTw2fre7Iaw67KVRXYjJGfIfCz:HKPN5L22frqIaw6KRXYdGea
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • VMProtect_Zero - VMProtect packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .vmp0
section .vmp1
section .vmp1 (virtual_address 0x00c83000, virtual_size 0x00c07d1c, size_of_data 0x00c07e00) entropy 7.97681307187 description A section with a high entropy has been found
entropy 0.999918834463 description Overall entropy of this PE file is high
section .vmp0 description Section name indicates VMProtect
section .vmp1 description Section name indicates VMProtect
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.VMProtect.4!c
tehtris Generic.Malware
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win64.Generic.rc
Cylance Unsafe
VIPRE Trojan.GenericKD.74390260
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_90% (D)
BitDefender Trojan.GenericKD.74390260
K7GW Trojan ( 0058cdc71 )
K7AntiVirus Trojan ( 0058cdc71 )
Arcabit Trojan.Generic.D46F1AF4
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/Packed.VMProtect.L suspicious
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Packed:Win64/VMProtect.6072c786
MicroWorld-eScan Trojan.GenericKD.74390260
Emsisoft Trojan.GenericKD.74390260 (B)
McAfeeD Real Protect-LS!63E75BCD85DC
CTX exe.trojan.vmprotect
Sophos Mal/VMProtBad-A
SentinelOne Static AI - Suspicious PE
FireEye Generic.mg.63e75bcd85dc3b33
Google Detected
Microsoft Program:Win32/Wacapew.C!ml
GData Win64.Application.Agent.GNGF58
McAfee Artemis!63E75BCD85DC
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.1481366914
Ikarus PUA.VMProtect
Fortinet Riskware/Application
AVG Win64:MalwareX-gen [Trj]
Paloalto generic.ml
alibabacloud VirTool:Win/Packed.VMProtect.L