2d950b55304ad25f6e513d0d995a6b401f3121dfb26d1a9659c2daa06c83f3b0

Sharing

Copy URL

Twitter E-mail

General

Target

2d950b55304ad25f6e513d0d995a6b401f3121dfb26d1a9659c2daa06c83f3b0
Size

2.9MB
MD5

c9480f159f75bcac7884e27751b0447a
SHA1

4d253e87f294b23b205753f7aa900b5c853d08c1
SHA256

2d950b55304ad25f6e513d0d995a6b401f3121dfb26d1a9659c2daa06c83f3b0
SHA512

dc3b1728bc036f5b37910ef31b6e5d7ea0fffeba326dfa4e4bb6f90172bb1bea90f76c07bb098ed9e8da5c23393484b9bfd25d2900d1c9343fe591d02d3c3404
SSDEEP

49152:VzXuyYhn4T25AVcwSaCfDq/UXqOJtlVtN6mfB5RUW4/0yes/8y:xeyYTAiWCfSUXhBVtgORVaJ8y

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs
Detects Themida, an advanced Windows software protection system.
themida

Processes:

resource yara_rule

sample themida

resource	yara_rule
sample	themida

Files

2d950b55304ad25f6e513d0d995a6b401f3121dfb26d1a9659c2daa06c83f3b0
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 102KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.꙰꙰�
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.꙰꙰�
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.꙰꙰�
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.꙰꙰�
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.꙰꙰�
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.꙰꙰�
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ov7bcFCi
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ov7bcFCi
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ov7bcFCi
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 102KB - Virtual size: 208KB

Size: 4KB - Virtual size: 12KB

Size: 512B - Virtual size: 12B

.idata Size: 512B - Virtual size: 8KB

.꙰꙰� Size: 4KB - Virtual size: 8KB

.themida Size: - Virtual size: 4.1MB

.boot Size: 2.4MB - Virtual size: 2.4MB

.꙰꙰� Size: 3KB - Virtual size: 3KB

.꙰꙰� Size: 3KB - Virtual size: 3KB

.꙰꙰� Size: 3KB - Virtual size: 3KB

.꙰꙰� Size: 3KB - Virtual size: 3KB

.꙰꙰� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

Ov7bcFCi Size: 3KB - Virtual size: 3KB

Ov7bcFCi Size: 3KB - Virtual size: 3KB

Ov7bcFCi Size: 3KB - Virtual size: 3KB

.rsrc Size: 283KB - Virtual size: 283KB

.idata
Size: 512B - Virtual size: 8KB

.꙰꙰�
Size: 4KB - Virtual size: 8KB

.themida
Size: - Virtual size: 4.1MB

.boot
Size: 2.4MB - Virtual size: 2.4MB

.꙰꙰�
Size: 3KB - Virtual size: 3KB

.꙰꙰�
Size: 3KB - Virtual size: 3KB

.꙰꙰�
Size: 3KB - Virtual size: 3KB

.꙰꙰�
Size: 3KB - Virtual size: 3KB

.꙰꙰�
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

Ov7bcFCi
Size: 3KB - Virtual size: 3KB

Ov7bcFCi
Size: 3KB - Virtual size: 3KB

Ov7bcFCi
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 283KB - Virtual size: 283KB