Behavioral task
behavioral1
Sample
6acd081ddf2683294dc75bb6eecd6bad5480d822b425043f245daab1970a93d0.exe
Resource
win7-20221111-en
General
-
Target
6acd081ddf2683294dc75bb6eecd6bad5480d822b425043f245daab1970a93d0.zip
-
Size
8.7MB
-
MD5
177a868778ea56c79ee409c979e1f276
-
SHA1
2776d3294be91cc252ed5cbe7d699b24f2e418af
-
SHA256
2fd280ab8f9ef860843debfda9842c445df48ead601bb92c611b884a04fea202
-
SHA512
f06dd2f7de7cd7e3d4992919eea8ebc8f351ff354c79056532e30a17b2c66085be3791201748a2191451da9e9a6b1119c8f5f011af08c5f8ece6a062787affa8
-
SSDEEP
196608:wGLkGWgLsspzfYRp/kRtPdjGp8gx9iZJL/c4Q0IVXk4x/A+PRidly5zvj/z:dOAg4zPdip8Sivc4Q0IVXFx/AGyl0vf
Malware Config
Signatures
-
Processes:
resource yara_rule static1/unpack001/6acd081ddf2683294dc75bb6eecd6bad5480d822b425043f245daab1970a93d0.exe themida
Files
-
6acd081ddf2683294dc75bb6eecd6bad5480d822b425043f245daab1970a93d0.zip.zip
Password: infected
-
6acd081ddf2683294dc75bb6eecd6bad5480d822b425043f245daab1970a93d0.exe.exe windows x86
Password: infected
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 335KB - Virtual size: 629KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 30KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 4KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 5.8MB - Virtual size: 5.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.themida Size: - Virtual size: 4.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ