Behavioral task
behavioral1
Sample
e1689f695b580c88f6b58274cfed905541749bd86f9f3cd95b70ae22387313ca.exe
Resource
win7-20220812-en
General
Target: e1689f695b580c88f6b58274cfed905541749bd86f9f3cd95b70ae22387313ca.zip
Size: 6.4MB
MD5: b424842beae9cadc0cb3e4990ef060b4
SHA1: b6913ac02584fc45ee1e6a6bb2c66e1e610b1e47
SHA256: f4fd0842db586c415fcb3e83a4b7168df03b851557873d2d18978ad57b257a1b
SHA512: afe7186d6b06f0fe7fa320c91e2d5fb0a8c371298bcb61633c963d9067bc97134834c413de1607b61314d404047f38a070c5c9a524b970d1da8c97df7ad9837f
SSDEEP: 98304:gfTxhb+qhRmj2H1elEtqVcCJg7+xyob71ihfJ/eYxyoY8zo2Z99pKamlAsWs+Y:cTxboaVoEtac4g7+ClxloIdNPY
Malware Config
Signatures
-
Processes:
resource: static1/unpack001/e1689f695b580c88f6b58274cfed905541749bd86f9f3cd95b70ae22387313ca.exe
yara_rule: themida
Files
-
e1689f695b580c88f6b58274cfed905541749bd86f9f3cd95b70ae22387313ca.zip.zip
Password: infected
-
e1689f695b580c88f6b58274cfed905541749bd86f9f3cd95b70ae22387313ca.exe.exe windows x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
Size: 338KB - Virtual size: 392KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 368KB - Virtual size: 367KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.themida Size: - Virtual size: 9.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 6.1MB - Virtual size: 6.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ