f25f8f950b38104a42c1f0e9c2f858db84bb7a3bb55947bb6a8100aca089e348 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f25f8f950b38104a42c1f0e9c2f858db84bb7a3bb55947bb6a8100aca089e348
Size

1023KB
MD5

833c7651e031f7fb3698f4ad35a5ad48
SHA1

ef004472164936e6cf91c659dfbe1788d2f4840b
SHA256

f25f8f950b38104a42c1f0e9c2f858db84bb7a3bb55947bb6a8100aca089e348
SHA512

a46e99a7bc40d1e21895a2f2d25413b32d7534b97450ea8bceaf882502f5a1380650f532c28770c88a87bec5727641b3e3ab1960ff308b9f170689bd3fcabe02
SSDEEP

24576:q53H2ArBodtmYO8TIMwAE3Ko1nku6pa83Bw:q53BaNO8lwB6KnfL

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Files

f25f8f950b38104a42c1f0e9c2f858db84bb7a3bb55947bb6a8100aca089e348
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 36KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 343KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 639KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE