Summary | ZeroBOX

esphvci.exe

VMProtect Malicious Library PE64 PE File
Category FILE
Machine s1_win7_x6403_us
Started Oct. 26, 2024, 5:18 p.m.
Completed Oct. 26, 2024, 5:28 p.m.
Size 12.0MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 d4c7b1c538c273dc77600e2fa3c6534f
SHA256 87982ce3693e5df58c7c38982a517764a6aeddc6f94dc7d49bd8313f8c017c6c
CRC32 7CD302E6
ssdeep 393216:/MpmOuO8V8jZqoLgT1rJD2i6kTAhNNW4O09:/qf98VeZPgT18i6AqWN0
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • VMProtect_Zero - VMProtect packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .vmp0
section .vmp1
section .vmp1 (virtual_address 0x00c82000, virtual_size 0x00c043d4, size_of_data 0x00c04400) entropy 7.97628021399 description A section with a high entropy has been found
entropy 0.999918738827 description Overall entropy of this PE file is high
section .vmp0 description Section name indicates VMProtect
section .vmp1 description Section name indicates VMProtect
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
tehtris Generic.Malware
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win64.Generic.rc
ALYac Trojan.GenericKD.74390332
Cylance Unsafe
VIPRE Trojan.GenericKD.74390332
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_90% (D)
BitDefender Trojan.GenericKD.74390332
K7GW Trojan ( 0058cdc71 )
K7AntiVirus Trojan ( 0058cdc71 )
Arcabit Trojan.Generic.D46F1B3C
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/Packed.VMProtect.L suspicious
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Packed:Win64/VMProtect.6072c786
MicroWorld-eScan Trojan.GenericKD.74390332
Emsisoft Trojan.GenericKD.74390332 (B)
F-Secure Heuristic.HEUR/AGEN.1315472
McAfeeD Real Protect-LS!D4C7B1C538C2
CTX exe.trojan.agen
Sophos Mal/VMProtBad-A
SentinelOne Static AI - Malicious PE
FireEye Generic.mg.d4c7b1c538c273dc
Google Detected
Avira HEUR/AGEN.1315472
Antiy-AVL GrayWare/Win32.Wacapew
Kingsoft Win32.Troj.Unknown.a
Gridinsoft Trojan.Win64.Packed.sa
Microsoft Program:Win32/Wacapew.C!ml
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Win64.Application.Agent.4C2MD7
AhnLab-V3 Trojan/Win.Agent.R673869
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.1481366914
Ikarus PUA.VMProtect
Fortinet Riskware/Application
AVG Win64:MalwareX-gen [Trj]
Paloalto generic.ml
alibabacloud VirTool:Win/Packed.VMProtect.L