405277394813eaf2b5ece8f4757cb7c951b07cbd8b5dde599e7fcd4a442f36c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

405277394813eaf2b5ece8f4757cb7c951b07cbd8b5dde599e7fcd4a442f36c5
Size

755KB
MD5

155acea2e6a762613a89e772392c8b09
SHA1

1b30dd1df6b9d21a7610e44d0102e3bb65a0c64b
SHA256

405277394813eaf2b5ece8f4757cb7c951b07cbd8b5dde599e7fcd4a442f36c5
SHA512

bfa8eb9ea45f57e51e7b2bd1428c37da551202394b7749f5845095fa98931868277469a5cd727e5db6b07bae472649e9c38f0f378097b702519f59a95c69cd4a
SSDEEP

12288:g2Rpr0l2RSRqWXpaqLL4bC1D54zWg/fCz8yIB5eB+ZVvUWaBpnxnSFWM:pvrA2RSEupact1+zWg3CAyyeUZVvyBpG

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Files

405277394813eaf2b5ece8f4757cb7c951b07cbd8b5dde599e7fcd4a442f36c5
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 647KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE