Behavioral task
behavioral1
Sample
7ca955a2dbb8ad0272222bf0f259241d.exe
Resource
win7-20231129-en
General
-
Target
7ca955a2dbb8ad0272222bf0f259241d
-
Size
4.9MB
-
MD5
7ca955a2dbb8ad0272222bf0f259241d
-
SHA1
e42165c998c07d5c4adf2a1c9520e477478d8237
-
SHA256
3a0ae767cc4f918bce4bf6fb6e8afc14349cd7473a6b9a965644bc769fb581be
-
SHA512
206e7546891ce7ed9f0afa8073ea648494aab2184666bd22fd9d1543bb1d1fb03bed6db79b2257f54040df8cb3ab87353aa9ca4326d1ce619d74f105f803c35c
-
SSDEEP
98304:nlld2dR2EetcIIuF2rMAi8dCBHy5KZmC7:ngfuF2rulHyoYm
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7ca955a2dbb8ad0272222bf0f259241d
Files
-
7ca955a2dbb8ad0272222bf0f259241d.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
Size: 13KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.imports Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.themida Size: 4.9MB - Virtual size: 4.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE