Behavioral task
behavioral1
Sample
7c1c65e63719d0c6a52315d2e0f12ddf.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
7c1c65e63719d0c6a52315d2e0f12ddf.exe
Resource
win10v2004-20231215-en
General
-
Target
7c1c65e63719d0c6a52315d2e0f12ddf
-
Size
1.0MB
-
MD5
7c1c65e63719d0c6a52315d2e0f12ddf
-
SHA1
183050e27b8a01e10541b7f67ed8d7b8668d366e
-
SHA256
504833ccad6b0145acb3318dcbdadf9f47538f1a42163e7e623459801aa1a20f
-
SHA512
529f0664414cd81f0801b4c0c1288161b33fa0cc1bcc4210259f8b5d7be10dfcdee7a0d19a1ed4e66347f3054d02a8d5b68e8ee74702707dd6912721060161cd
-
SSDEEP
24576:2EkuPY2hDjgoQqcxzsqJh7UTMKuzjScVPW0KZw7PA6C:xkWDjG9fh7UhYO0y6C
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7c1c65e63719d0c6a52315d2e0f12ddf
Files
-
7c1c65e63719d0c6a52315d2e0f12ddf.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 156KB - Virtual size: 996KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.1MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE