Behavioral task
behavioral1
Sample
75185ddb696b6ba7e7318113c8e73f5d.exe
Resource
win7-20231215-en
General
-
Target
75185ddb696b6ba7e7318113c8e73f5d
-
Size
559KB
-
MD5
75185ddb696b6ba7e7318113c8e73f5d
-
SHA1
0349f80261a27286f1c0674043ca64cccdf7cdd0
-
SHA256
df999975739b71b9dcea15b853d9573b5e9fcb60e899b3902d9ba8c4238b3cbc
-
SHA512
ac84b29b427d91e0b0c06ac4affded56bb5736be37b512e4ed8e205fa300538cb2599fee9fd52bcdf9e549689b27d0d73c5f4fd20a0de6b0ab02cd6208f052f0
-
SSDEEP
12288:2eGDe7sTWweIQYQpCxz5KeJkkK23mtTCoLj2TGhABeXDP1PwM+st/5:28ATWwed1pOAeJkkK0oLj2TGhAB2DP15
Malware Config
Signatures
-
Processes:
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 75185ddb696b6ba7e7318113c8e73f5d
Files
-
75185ddb696b6ba7e7318113c8e73f5d.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 501KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE