Behavioral task
behavioral1
Sample
2044b40896ff3842bd708d58770260ac.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2044b40896ff3842bd708d58770260ac.exe
Resource
win10v2004-20231215-en
General
-
Target
2044b40896ff3842bd708d58770260ac
-
Size
1.7MB
-
MD5
2044b40896ff3842bd708d58770260ac
-
SHA1
80eff0bcdb73dce4da3f7d224dd67082a00953c0
-
SHA256
c61e00e20d1cffb251a1c2bc031f56096dd645ee0b088623647f9a9bdf7f5de9
-
SHA512
d884838ab63bbd14c41e1027520be787549b5f7d8f58093167168586810b90c113f3660f825e79be55aa76b8d62bf41e473d948218a77e61a94191c6cffa7353
-
SSDEEP
24576:hGuBKrwikXufo46JZmwcyNYRo7SUBMQPpxUEwrqiPW4o3bzn+x3K4egG516f3k4v:hrjcxRiMQxxlwrEhPpywwf3mnwDFzUCb
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2044b40896ff3842bd708d58770260ac
Files
-
2044b40896ff3842bd708d58770260ac.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 18KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.6MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE