8474ef0451bb3a2bcafd4d4c557a234f8a9bf932b755df6ea03540140bfe5ca8 | Triage

Sharing

General

Target

8474ef0451bb3a2bcafd4d4c557a234f8a9bf932b755df6ea03540140bfe5ca8
Size

3.9MB
MD5

c34874d31aff52ee032b2e9acc176e97
SHA1

6e55424c14ce050a91522319b4cee15e1d5452af
SHA256

8474ef0451bb3a2bcafd4d4c557a234f8a9bf932b755df6ea03540140bfe5ca8
SHA512

4bfb23cbd58c2cdfc242395a3e533db12a7fbf7ca78f5f76f4898fe2c8740c1d8f54fb26f58215a3df71df2c2c7b2f4ee29b054cacfdef112ca969f41966e542
SSDEEP

49152:v3REnVenB3+tBgqWHG5MuyVLjua8j8RVoJbIoFEc5OANnFvTr:v3GngnButNW9uai870bIIEcPnJ

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs
Detects Themida, an advanced Windows software protection system.
themida

Processes:

resource yara_rule

sample themida

Files

8474ef0451bb3a2bcafd4d4c557a234f8a9bf932b755df6ea03540140bfe5ca8
.exe windows x86

Code Sign

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE