Behavioral task
behavioral1
Sample
bbf6083a7b6d400d35e8930a701ff7da.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
bbf6083a7b6d400d35e8930a701ff7da.exe
Resource
win10v2004-20240226-en
General
-
Target
bbf6083a7b6d400d35e8930a701ff7da
-
Size
713KB
-
MD5
bbf6083a7b6d400d35e8930a701ff7da
-
SHA1
c192f4f4036ab1db5c42fcef27594bf189b5d369
-
SHA256
27377c2c297b83b503704986231ecf33063bd3f6d05ed113717bf1f850449c3f
-
SHA512
9f766f255a6922c3c057e857ab70fca87fea2dbb25da361329174e07cfaa2853c2b4a9d1e13fb5518519b28af0f862d29c8d2a012072d2ac9cf248ee6ceea2fd
-
SSDEEP
12288:wLiyeHP1S922ApUCsQM3NdCEVewELnNXiY1SqGLhhD7KSNi7m2j4:wLCHNSBVCsdddCSVE7Nyk3+7XI34
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bbf6083a7b6d400d35e8930a701ff7da
Files
-
bbf6083a7b6d400d35e8930a701ff7da.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 20KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 301KB - Virtual size: 292KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 388KB - Virtual size: 924KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE