Behavioral task
behavioral1
Sample
a282e0d0b8102961ff131114892ae437.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a282e0d0b8102961ff131114892ae437.exe
Resource
win10v2004-20240221-en
General
-
Target
a282e0d0b8102961ff131114892ae437
-
Size
115KB
-
MD5
a282e0d0b8102961ff131114892ae437
-
SHA1
7cad6fd04d0ae3beafa196c75ba1ed1b7b1473e6
-
SHA256
e557bcdd84523176489f677d3abfe3123b314a2163d5440d6a6bb061907557bf
-
SHA512
6624d8efba43445176988f370a45d257a77ee0e30e0c910eccf9158f7805a960b85925574e7454aee5cd37b2a9d19fc84c911cd17fdd96a30f507fba910af99d
-
SSDEEP
768:VMIK4v/CFs7wi69Wk785YlKUT1uoFfr0paJUrZKZDOrRpS0Ng13+twsY/u:OiaFji7k78hGNFApaIMQpSyg13+Su
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a282e0d0b8102961ff131114892ae437
Files
-
a282e0d0b8102961ff131114892ae437.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE