Behavioral task: behavioral1
Sample: 0760c91be141c3ef4169c79ce978c750.exe
Resource: win7-20231215-en
General
Target: 0760c91be141c3ef4169c79ce978c750
Size: 3.1MB
MD5: 0760c91be141c3ef4169c79ce978c750
SHA1: cf8ea7a09c2131271c10bbccffc4c2acd73723e2
SHA256: ad566224e3f089c2c4dd4c07714c82fe2af54307ace558dd1bd317b0cbc73dbf
SHA512: 3a3229cad3da33598cc994a0aeb4ce9f43d5f46136545e6af27872d6c3942e0976baa72d7259aec5076e7526072ab781eb9c3b0b8deda1cd6a198b09bde76a5b
SSDEEP: 49152:4hW0Nj/dM6hfhIRkY+ypE3MS/dKsaAyQPb1BnTBoLFiAd2YrVlJNrumtNHeOm/kr:+/eTP+j85AnjDFMDrJNimZj3TiC
Malware Config
Signatures
resource yara_rule sample themida
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0760c91be141c3ef4169c79ce978c750
Files
0760c91be141c3ef4169c79ce978c750.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 41KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 577B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 15B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.imports Size: 1024B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.themida Size: - Virtual size: 5.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ