Behavioral task
behavioral1
Sample
c12c99158ad0aa85b4b979b2c0d986c8.exe
Resource
win7-20240221-en
General
-
Target
c12c99158ad0aa85b4b979b2c0d986c8
-
Size
1.0MB
-
MD5
c12c99158ad0aa85b4b979b2c0d986c8
-
SHA1
cc30e1282d870d5719df423c95c5fa4a6e7690c6
-
SHA256
bd22f3b948b8049fa18a8f0e816f2ec2c45eff7be49530e049f5e254e99edc72
-
SHA512
74082589b62c4868ac992169a49b8fd95bcb3691e6cad52c251eec6731e84792ada5fe150a1f0649a3d94f754828a6b94e0b6d9c0714cab3533ca7fb7d960168
-
SSDEEP
24576:y23WTOuCmbc5yA3OL4huNSrBKBUPvIEZ7NOUD:ZVO78uUeUHBNOUD
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c12c99158ad0aa85b4b979b2c0d986c8
Files
-
c12c99158ad0aa85b4b979b2c0d986c8.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 248KB - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 696KB - Virtual size: 700KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE