Behavioral task
behavioral1
Sample
4da1cc5aa4de069b315f139bf7bb42af.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
4da1cc5aa4de069b315f139bf7bb42af.exe
Resource
win10v2004-20231215-en
General
-
Target
4da1cc5aa4de069b315f139bf7bb42af
-
Size
620KB
-
MD5
4da1cc5aa4de069b315f139bf7bb42af
-
SHA1
13a77dbd0b455b8a5ed2a5f515e25b290419700a
-
SHA256
3f25e56bef27d04488d08de69b567cdf73442a351263c57e4d8d3e507a0488c2
-
SHA512
54e461dfcc3242f69e4cab234542433858961d72326a047bf6e00b14b2e478e83f4896352c39b185fcfc4b6657e97d78c5c92d333082c7303bcd95d9f0247a86
-
SSDEEP
12288:2SG1WnYouJtzKeprO0HB8nzjTgFDPv98DgqgFkaIHHZEYLMntoJOsMw:27ceteepa0hszj8N3+gEHHjqqJWw
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4da1cc5aa4de069b315f139bf7bb42af
Files
-
4da1cc5aa4de069b315f139bf7bb42af.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 145KB - Virtual size: 980KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 457KB - Virtual size: 460KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE