75d25c76bfb47e18df748fc8ab1e9182fcdf4a44bc36860dfddb0f9515b13e4e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75d25c76bfb47e18df748fc8ab1e9182fcdf4a44bc36860dfddb0f9515b13e4e
Size

1.2MB
MD5

9f42b84f0322a13cee279f19774223dc
SHA1

1a4c31282bdd60703c562cdf7779124d17d30d01
SHA256

75d25c76bfb47e18df748fc8ab1e9182fcdf4a44bc36860dfddb0f9515b13e4e
SHA512

bcb640b3ab39e4c00a2267f518296d78f884141c12ee047695583c013b6c9ba6519ab0e95024a0a9f0065e247c82703c34c9892e1d2525bf620e9a2c8c78a6b0
SSDEEP

24576:QVZl1Z6jzMFa4g33yjPO52HQf/iasFGl2EI+4unYoDZr8YiMI:QEjea4gyjuNf/iHFi9MunYod87

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
static1/unpack001/rpxiv_activator.exe	themida

Files

75d25c76bfb47e18df748fc8ab1e9182fcdf4a44bc36860dfddb0f9515b13e4e
.rar
rpxiv_activator.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 394KB - Virtual size: 932KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 169KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 707KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE