Behavioral task
behavioral1
Sample
178163c8174dafc937ee28617b08acb61f864dbf1253ed9dd99fd165ef304507.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
178163c8174dafc937ee28617b08acb61f864dbf1253ed9dd99fd165ef304507.exe
Resource
win10v2004-20220812-en
General
-
Target
178163c8174dafc937ee28617b08acb61f864dbf1253ed9dd99fd165ef304507
-
Size
1.0MB
-
MD5
0d25cf374a1ff5019d5063b88f76af6b
-
SHA1
d082a100e812326b4fd98a7c8511fdfac4c9137c
-
SHA256
178163c8174dafc937ee28617b08acb61f864dbf1253ed9dd99fd165ef304507
-
SHA512
0aee2c6f1bfc3f8bab09938d2a98d192f801a0698a0b94b91649429f90c8a7dea6cdfac3fba19e288fb167d0cecab405e1639ad77fc75d615b7b7f3b98df1792
-
SSDEEP
12288:et6KhmRYlqowJkNLLN925r8Cg0nK+hNzbkEgGbOJlBVZe:Im7owJsB92aOHkES
Malware Config
Signatures
-
Processes:
resource yara_rule sample themida
Files
-
178163c8174dafc937ee28617b08acb61f864dbf1253ed9dd99fd165ef304507.exe windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 92KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 936KB - Virtual size: 956KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE