Behavioral task: behavioral1
Sample: Clip1.exe
Resource: win7-20230824-en
Behavioral task: behavioral2
Sample: Clip1.exe
Resource: win10v2004-20230703-en
General
Target: Clip1.exe
Size: 9.7MB
MD5: 26dbb8cdc46ecf186fe07605207bf622
SHA1: 916e3e9f55205fbd45ec1fbb47db370d4f668d18
SHA256: badf6c49e41bef9c00e665b7273b2e8d712abb6e463e451c39d33494eb02bd98
SHA512: f20a3f64747f61b4b8aebc04309ebd2b6490ec0c8d0d4a974a2ccbe730ec89681e1bfcf80c054efd6e49cc1931feac31859a3c0a3795c6ae7c8a90a0d1e7743f
SSDEEP: 98304:zvw0Hotqx1pWuJ56DdIPqDyj/pCu03o8I6v+5/QGJbY9YAq+6FLiX:zY0Hotqx1EA56hLnr48IH/HK186
Malware Config
Signatures
resource yara_rule sample themida
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Clip1.exe
Files
Clip1.exe.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 202KB - Virtual size: 202KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.themida Size: 5.7MB - Virtual size: 5.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE