General
Target: Theme.exe
Size: 161KB
MD5: 5db51b17ac8b58d0389f26003bbdd7e6
SHA1: 82235bb25976fdb560e0d20420bf9a5b31fef15c
SHA256: 85dd81dde20cbecdc2e1550062ba49cc3e7b392444eedf365911e6b3501d8431
SHA512: a7e3c2cebcf2f7339e4d2a8291be26e6ac1e3c2b528a291ed2e98f3c896ce4542bba7375eef9fbde40efe96954335f59b726730a1b20ef34bcaef8f8b9da96f0
SSDEEP: 3072:KVZ/VGS7rN+9Uv6+xfe9HnCFTq5outVhcByUbH2zC:KV28oSe9iFO5oSoDr2
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Theme.exe
Files
Theme.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 132KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 92KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE