Behavioral task
behavioral1
Sample
11cf414ea92830ef4aa1aebbb19b5c86.exe
Resource
win7-20231215-en
General
-
Target
11cf414ea92830ef4aa1aebbb19b5c86
-
Size
574KB
-
MD5
11cf414ea92830ef4aa1aebbb19b5c86
-
SHA1
c176ffcbdf95846ff969e71a29ed90838d764ec7
-
SHA256
4ff7309a755e467ff882ae2f51c0e678fe2b152eb927cdbe33ba8a58ef655813
-
SHA512
c4b278a65d2a6c7230b58ede493de0ce3b99e5e35b40e3ae4d904c92ebda30cdd7a056b2eefe57be003e6d7ce8b1b1e68094c3128c9eb6c6ec1727ca31e94a67
-
SSDEEP
12288:qUmNyva4PaXSrKg0yVoNH0ubQbySW/4ynos2sZbCx:wPCKYaNxSfyomOx
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 11cf414ea92830ef4aa1aebbb19b5c86
Files
-
11cf414ea92830ef4aa1aebbb19b5c86.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 74KB - Virtual size: 472KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 490KB - Virtual size: 492KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE