37b7813a06255688d4d537735159d3bedff30edcde1b451f68c0d08e597d381e | Triage

Sharing

General

Target

37b7813a06255688d4d537735159d3bedff30edcde1b451f68c0d08e597d381e
Size

3.9MB
MD5

b835e76a0c6822e0dd0ce22af71157cf
SHA1

15e2f97ffdb259ca06bce2d1d39100be813185b2
SHA256

37b7813a06255688d4d537735159d3bedff30edcde1b451f68c0d08e597d381e
SHA512

df16f16f0ccbd66e127febd881804092a473892f94b28b4fc257e5d50710bd8ee7ddf20743c6b6fd5d73d9265a008042ed72819fbad1d9fdefa44ac73117118f
SSDEEP

98304:ymtrd0VROZNq7OISHejJVAVTUTRcTL8NiUH8:PHejJVS6R8LWH8

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs
Detects Themida, an advanced Windows software protection system.
themida

Processes:

resource yara_rule

sample themida

Files

37b7813a06255688d4d537735159d3bedff30edcde1b451f68c0d08e597d381e
.exe windows x86

Code Sign

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE