bf4a76c73c784edff7a499cdc5284f6a6e5d0e4ae6074097feaa5e9b086ee618

Sharing

Copy URL

Twitter E-mail

General

Target

bf4a76c73c784edff7a499cdc5284f6a6e5d0e4ae6074097feaa5e9b086ee618
Size

1.7MB
MD5

a4626ce09b592d661c3a053cffbbbbbf
SHA1

9210bac9eccce0b73afbeec21bce029fa873d024
SHA256

bf4a76c73c784edff7a499cdc5284f6a6e5d0e4ae6074097feaa5e9b086ee618
SHA512

99a0844367530a9be796c99d86fbf234dec9390b0c580b5303fd8cc9c0fd02ce7661a4f111c2652d3b3b26e6a1354bb6ef78119960066e27cc311d932975ced0
SSDEEP

49152:wLMHj1x0js2+7Z285wh2BOi3LaKLWaejEA:wAHjH0FKZ22wEwi3LPaa

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs
Detects Themida, an advanced Windows software protection system.
themida

Processes:

resource yara_rule

sample themida

resource	yara_rule
sample	themida

Files

bf4a76c73c784edff7a499cdc5284f6a6e5d0e4ae6074097feaa5e9b086ee618
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 89KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 13KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

folowers
Size: 334KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 996KB - Virtual size: 996KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

migrante
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 334KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 89KB - Virtual size: 175KB

Size: 13KB - Virtual size: 34KB

Size: 512B - Virtual size: 7KB

Size: 4KB - Virtual size: 5KB

folowers Size: 334KB - Virtual size: 333KB

.idata Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 2.1MB

.boot Size: 996KB - Virtual size: 996KB

migrante Size: 2KB - Virtual size: 2KB

.vmp0 Size: 2KB - Virtual size: 2KB

.rsrc Size: 334KB - Virtual size: 333KB

folowers
Size: 334KB - Virtual size: 333KB

.idata
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 2.1MB

.boot
Size: 996KB - Virtual size: 996KB

migrante
Size: 2KB - Virtual size: 2KB

.vmp0
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 334KB - Virtual size: 333KB