12f0c9732a3f2037060938f79b89415af84a528875508613b808287fca57ec87 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12f0c9732a3f2037060938f79b89415af84a528875508613b808287fca57ec87
Size

1.7MB
MD5

0cc475472aeb97b6b1d8a3281e01c8a1
SHA1

24600341045b6ce9fe210b2a182ea137a41ddb72
SHA256

12f0c9732a3f2037060938f79b89415af84a528875508613b808287fca57ec87
SHA512

441fb5223b15d13ce93d78158da30247894c7cf31752c8dca2187773e5c04ad45f544e61b0ec5c012f648f52f8e62d94880536ca76046edec8275e03bca1d43a
SSDEEP

24576:VS2Jyo7QNtzTTgHvrPyLVFxnpfH7hUZh3jFz+9VmdSqnAbYOfzzr4kMrQcuc:FIzgHvY997hKeVmFGY4Mp

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Files

12f0c9732a3f2037060938f79b89415af84a528875508613b808287fca57ec87
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 54KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 290KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 588KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE