40e8b608c2b870a08f9483f4ebcf436c368d14948f51482e382590ea0572549d[.]7z

General

Target

40e8b608c2b870a08f9483f4ebcf436c368d14948f51482e382590ea0572549d.7z
Size

155KB
MD5

980c7c8af51de6bc0071b2a648742629
SHA1

63e4e1b70c2a79816cc34bd487d6248a701a96b1
SHA256

a9a8cb8b9259bbac127546dfc32709b0d0cac3347946a6726113adc071593238
SHA512

a732be531b7ccbf2f217c0de0fc9ed9d04dacf3f52f60b37d6dd18ac15d5f9b89ea11f4cc98f0c9ad83f1044894b3f56b8437c0777b35167584b766926ce5dfe
SSDEEP

3072:er7ddn3q2KkCVJVVky3nAh5mBvIJ8s1/osZgdSF25lETZFUJDOqyFjtotHbh9:8P3DDqJVVX3K5IDEoGKo23ETZFUhJyTk

Score

7^/10

themida

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
static1/unpack001/40e8b608c2b870a08f9483f4ebcf436c368d14948f51482e382590ea0572549d.exe	themida

40e8b608c2b870a08f9483f4ebcf436c368d14948f51482e382590ea0572549d.7z
.7z

Password: d,@&o0QInGqg&T]@X]}cIqSG}j@QRUqFIDRLCC0uJF%2eWqGI^
40e8b608c2b870a08f9483f4ebcf436c368d14948f51482e382590ea0572549d.exe
.exe windows x86

Password: d,@&o0QInGqg&T]@X]}cIqSG}j@QRUqFIDRLCC0uJF%2eWqGI^

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 105KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 25KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ