Behavioral task
behavioral1
Sample
1f8168d93ece18b8e2bfc18abc5291b3.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1f8168d93ece18b8e2bfc18abc5291b3.exe
Resource
win10v2004-20231215-en
General
-
Target
1f8168d93ece18b8e2bfc18abc5291b3
-
Size
502KB
-
MD5
1f8168d93ece18b8e2bfc18abc5291b3
-
SHA1
a2942fd7ba4fc11d676c18eef312a79b58ad89fd
-
SHA256
d0006368538d5b9230070540a5273498f6b9b059bf43206adb7ae13eaa8a525e
-
SHA512
1c3d26be46780471cfa958a456f63d3449e2fddee81f870f9f9400959ee01107f994aae31cae8ade61ebd8fd98dba51fe9f3ad83adf48342726e8c38e7288c9b
-
SSDEEP
12288:eYupTQ/aJgzqTgufjYVyW1g01XQkn7uq:ef8/aJ5HOBAdq
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1f8168d93ece18b8e2bfc18abc5291b3
Files
-
1f8168d93ece18b8e2bfc18abc5291b3.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 112KB - Virtual size: 884KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 378KB - Virtual size: 900KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE