Behavioral task
behavioral1
Sample
b6d10bb1746b946c352471a3c9278fa4d86ce122ccf37b3a7dab01c75abe90c4.exe
Resource
win7-20240903-en
General
-
Target
b6d10bb1746b946c352471a3c9278fa4d86ce122ccf37b3a7dab01c75abe90c4
-
Size
5.9MB
-
MD5
81ad57c281a8f3804b373700c41604a6
-
SHA1
7d3ebc9ce7f960d10bf47f547c0017b10be5f88b
-
SHA256
b6d10bb1746b946c352471a3c9278fa4d86ce122ccf37b3a7dab01c75abe90c4
-
SHA512
a6a9cc4378296c01fe12b856f554a5d6aa2de64ffeeb8013ada37d1ee5730b63d69943b0a566bb9bc11d19c4b78f12df1347bd3cff46192a459f55191ec9bf3e
-
SSDEEP
98304:SK2c/ii0v36ePpuYTJ3htxL2PajfoGRWomxoG/q+XLkhZdqLMNerONzUFWd0jSIF:SPcHQL0aj3MokLlM40zbybyC
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b6d10bb1746b946c352471a3c9278fa4d86ce122ccf37b3a7dab01c75abe90c4
Files
-
b6d10bb1746b946c352471a3c9278fa4d86ce122ccf37b3a7dab01c75abe90c4.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 90KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 388KB - Virtual size: 388KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.themida Size: 5.5MB - Virtual size: 5.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE