Behavioral task
behavioral1
Sample
7070c32bc2a99191466aece319b46bb8.exe
Resource
win7-20231215-en
General
Target
7070c32bc2a99191466aece319b46bb8
Size
3.0MB
MD5
7070c32bc2a99191466aece319b46bb8
SHA1
7b462ad990b3a03cb9d39e46ca8745c3e311e4fb
SHA256
89cb04747b079628bf19ec877c4cdd6f6ba28ef5e7e71a9ed01b72e989c3330e
SHA512
c91374cf7cd70195bd0bd88a7f8876facf1da4f49ef2c7400e383096972519ac3b1183ba6ffcb872a3dcf53e91e6fb3542e0e6e3704f2e6a8c779d9274f25997
SSDEEP
98304:02txX5n4A1Vt8MP5dhASR4wEkRjcNoEHFtP:0Wxp4AqM/hcWBcNLHnP
Malware Config
Signatures
resource: sample, yara_rule: themida
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7070c32bc2a99191466aece319b46bb8
Files
7070c32bc2a99191466aece319b46bb8.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 341KB - Virtual size: 636KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 30KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 4KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 97KB - Virtual size: 656KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 170KB - Virtual size: 170KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.themida Size: - Virtual size: 3.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ