Behavioral task
behavioral1
Sample
2d640e53d6e6d96266afb87c150403609c66d66ab1a5404c20efb13c85f9ae02.exe
Resource
win10-20220901-en
Behavioral task
behavioral2
Sample
2d640e53d6e6d96266afb87c150403609c66d66ab1a5404c20efb13c85f9ae02.exe
Resource
win7-20221111-en
General
-
Target
2d640e53d6e6d96266afb87c150403609c66d66ab1a5404c20efb13c85f9ae02.zip
-
Size
6.5MB
-
MD5
13216202081404960fb032c0ffb03cd8
-
SHA1
9549d916d42dbf9474f0e10f1ceab92d323d8ae0
-
SHA256
b43b03609b465f7214e2643839c04599117d454b03d8970ced7a045a7ee92068
-
SHA512
a147c90cf707cd72c75a1854f2a66f9ed3cbc144f40d1f7ae93c099d6ceec43be6c14de673e1a8f220563efb5bfa58ab72cf3b0142d6a78254cab8720b48ac1f
-
SSDEEP
196608:HQ92K0U8LAe7cI1iM0bc24eD0DFqQt36h8d9phrE6OuuiH:HQ92K0U8hwIP0d4I0DFqbhGHOudH
Malware Config
Signatures
-
resource yara_rule static1/unpack001/2d640e53d6e6d96266afb87c150403609c66d66ab1a5404c20efb13c85f9ae02 themida
Files
-
2d640e53d6e6d96266afb87c150403609c66d66ab1a5404c20efb13c85f9ae02.zip.zip
Password: infected
-
2d640e53d6e6d96266afb87c150403609c66d66ab1a5404c20efb13c85f9ae02.exe windows x86
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 489KB - Virtual size: 496KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.themida Size: 8.6MB - Virtual size: 8.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE