3d6274e2af3615d5f62ee80f01a51a2e263a30b73bd83a3031eb7e76761c3dae | Triage

Sharing

General

Target

3d6274e2af3615d5f62ee80f01a51a2e263a30b73bd83a3031eb7e76761c3dae
Size

6.1MB
MD5

bfa9f46f5679d14bfa7248345a0b8a97
SHA1

8a5fddc5b1273601896a2501e25de1fa537a50d9
SHA256

3d6274e2af3615d5f62ee80f01a51a2e263a30b73bd83a3031eb7e76761c3dae
SHA512

29022d8496b39840e4d00d9be5f57e73c1989f1f9a5cd0d8ca0f814267ef3de1a7fcc83b60fa973ff233e78ed1abe2bdd17376bca658483054ff4eedf0abffa3
SSDEEP

196608:jnPccFAvwvyAlHRI9F/3jxqmduByx7Ykpq9MSI4Y:jPccmv2HRc/x7sM74Y

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs
Detects Themida, an advanced Windows software protection system.
themida

Processes:

resource yara_rule

sample themida

Files

3d6274e2af3615d5f62ee80f01a51a2e263a30b73bd83a3031eb7e76761c3dae
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 732KB - Virtual size: 904KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE