b7cc41edd00321fdd5ecea95b3a5300fbdf12a8e9259b1d4a20354d8f862bf9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7cc41edd00321fdd5ecea95b3a5300fbdf12a8e9259b1d4a20354d8f862bf9f
Size

848KB
MD5

377aac4e32c6051e264aa2b6c1290461
SHA1

86d211189c5b6df7160cfb840b67e3346404d050
SHA256

b7cc41edd00321fdd5ecea95b3a5300fbdf12a8e9259b1d4a20354d8f862bf9f
SHA512

1ca8e0c91001127c9ab0dc8534d09b26c069854d2cc7c3be5fded1b388ce5086fe4fa5a9ea97e95fd1d88e0865f0395c8a7dc1e00d3144509b0effad322a1db3
SSDEEP

12288:/Mfa6BL1nJUUXgityHPBNR00uxwRbPaxbIbYBbiwiOhaLqjKiY0JKUg:/Mf/p1nqKtyHrR00uxwF2B/+6fKV

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Files

b7cc41edd00321fdd5ecea95b3a5300fbdf12a8e9259b1d4a20354d8f862bf9f
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 146KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 641KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE