Behavioral task
behavioral1
Sample
d5a60489b99b9d17c39eb751d56aa0b1.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d5a60489b99b9d17c39eb751d56aa0b1.exe
Resource
win10v2004-20240226-en
General
-
Target
d5a60489b99b9d17c39eb751d56aa0b1
-
Size
1.1MB
-
MD5
d5a60489b99b9d17c39eb751d56aa0b1
-
SHA1
dd1c4bfb6116184909680798993ce9fb621fda1b
-
SHA256
e9fb032eea5ec8e46258310c665522ae028501f8eb401f53d65f8ce1cd9c1cd7
-
SHA512
78d399a5dcea78672af5d9aae3b9c258f7af5fe427bbc5d34eaba34bcf92df590da7904a88a9a49934748d60c3fbada1d8c07739fcac3e46280018273925ba2f
-
SSDEEP
24576:qC+J+95KVmZZK3jGmp76Sr943+TICIKlKh9Px0yFSRSlnVj/0p:cJQZZKzGmp76Q+OEd3hT0y4SLW
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d5a60489b99b9d17c39eb751d56aa0b1
Files
-
d5a60489b99b9d17c39eb751d56aa0b1.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 19KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.1MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE