Summary | ZeroBOX

aimhvci.exe

VMProtect Malicious Library PE64 PE File
Category FILE
Machine s1_win7_x6403_us
Started Oct. 26, 2024, 5:18 p.m.
Completed Oct. 26, 2024, 5:34 p.m.
Size 12.0MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 a831760905618a8fe674b912a5a75ca1
SHA256 afc044b6770c002e187bc9a0d8b99ec7e65d23d0adfdf187cf3d0e010db2a7b5
CRC32 D60288A4
ssdeep 196608:/T5A87u4NOOX1W1Wkle/KPpZcTI/Hd7FKFYLAwDPW5B4R6kMqML45U8Q6h5/tZYX:9AksAYe/01JcFYFzbMx8zzK
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • VMProtect_Zero - VMProtect packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .vmp0
section .vmp1
section .vmp1 (virtual_address 0x00c86000, virtual_size 0x00c072c0, size_of_data 0x00c07400) entropy 7.97682380073 description A section with a high entropy has been found
entropy 0.99991881799 description Overall entropy of this PE file is high
section .vmp0 description Section name indicates VMProtect
section .vmp1 description Section name indicates VMProtect
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.VMProtect.4!c
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win64.Generic.rc
ALYac Trojan.GenericKD.74390709
Cylance Unsafe
VIPRE Trojan.GenericKD.74390709
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_70% (D)
BitDefender Trojan.GenericKD.74390709
K7GW Trojan ( 0058cdc71 )
K7AntiVirus Trojan ( 0058cdc71 )
Arcabit Trojan.Generic.D46F1CB5
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/Packed.VMProtect.L suspicious
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Packed:Win64/VMProtect.6072c786
MicroWorld-eScan Trojan.GenericKD.74390709
Emsisoft Trojan.GenericKD.74390709 (B)
F-Secure Heuristic.HEUR/AGEN.1315472
McAfeeD Real Protect-LS!A83176090561
CTX exe.trojan.vmprotect
Sophos Mal/VMProtBad-A
SentinelOne Static AI - Malicious PE
FireEye Generic.mg.a831760905618a8f
Webroot W32.Malware.Gen
Google Detected
Avira HEUR/AGEN.1315472
Antiy-AVL GrayWare/Win32.Puwaders
Kingsoft Win32.Troj.Unknown.a
Gridinsoft Trojan.Win64.Packed.sa
Microsoft Program:Win32/Wacapew.C!ml
GData Win64.Trojan.Agent.RKPPQK
AhnLab-V3 Trojan/Win.Agent.R673869
McAfee Artemis!A83176090561
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.2137149506
Ikarus PUA.VMProtect
Fortinet Riskware/Application
AVG Win64:MalwareX-gen [Trj]
Paloalto generic.ml
alibabacloud VirTool:Win/Packed.VMProtect.L