Behavioral task
behavioral1
Sample
22a2a1645b1606cc926c3cf9d5c9e207.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
22a2a1645b1606cc926c3cf9d5c9e207.exe
Resource
win10v2004-20231215-en
General
-
Target
22a2a1645b1606cc926c3cf9d5c9e207
-
Size
77KB
-
MD5
22a2a1645b1606cc926c3cf9d5c9e207
-
SHA1
9b05bf96c10dec27a7435363a9971b50397f8089
-
SHA256
dc78f360fa5d0d83aa17fefeb5f954c00c63bcabc1d240b59c260bb7419ff7d7
-
SHA512
4ce8d8dfed8370ee45305d8b6b810801938cf224bac1b5deec8057724ccc2677a0b9c1beb6afd541bbbac41b8423c973e984ee9edc1e972d462e0160d5338da9
-
SSDEEP
1536:/CdUW0IkXexKwJJEzkd5fE9fosRUYEa5ZSV+:uvd8Yozkd5qLXSV+
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 22a2a1645b1606cc926c3cf9d5c9e207
Files
-
22a2a1645b1606cc926c3cf9d5c9e207.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 16KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 808KB - Virtual size: 812KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE