Behavioral task
behavioral1
Sample
8cae632e15d270bc26a8a2c26e01358b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8cae632e15d270bc26a8a2c26e01358b.exe
Resource
win10v2004-20231215-en
General
-
Target
8cae632e15d270bc26a8a2c26e01358b
-
Size
1.4MB
-
MD5
8cae632e15d270bc26a8a2c26e01358b
-
SHA1
6f9692e0ca678363548d20ec4120e53280864348
-
SHA256
77ef7f91d0dae6998c3ff250ebe3ca3c54ddf182686cbae01afe84467657edc4
-
SHA512
a1632d584826ba2204bb83dfa20931723565bd49118dc8cbaa6eac1fa81e2cadc5290a8e15f2fd80e07e1d17b416452f6157dc78e28e92f225e9ce1cb333d353
-
SSDEEP
24576:JUypVW03VkuSgAcwjGgG2z72IWwsoyHemf2qjrAxKX5/xZ2kjuX6qFtrJe/f:RpVW03VVyjNuIWwsfemO8kx65r2euKmQ
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8cae632e15d270bc26a8a2c26e01358b
Files
-
8cae632e15d270bc26a8a2c26e01358b.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 256KB - Virtual size: 588KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 91KB - Virtual size: 165KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.0MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE