27840e5f0f8b801d893ca3d3fae3c50388c14df378abd77582c0e40cb20dfab7

Analysis

max time kernel
353s
max time network
417s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
28-11-2022 01:19

Target

27840e5f0f8b801d893ca3d3fae3c50388c14df378abd77582c0e40cb20dfab7.exe
Size

7.5MB
MD5

6071a83630ed020bf1814704d6f38225
SHA1

c1c2dd0b8d8351fc1c6fac47d9521b931aadb1bb
SHA256

27840e5f0f8b801d893ca3d3fae3c50388c14df378abd77582c0e40cb20dfab7
SHA512

74762d841036bdd81f723cc17267a1054c7bcb04948758666070277fc16fe774c76b519127432c073569cae44a01464f549923f01902be0e695f35661bd1743e
SSDEEP

98304:5Qttsby/VhoxNCsLYrlwLEhbyjU1yde0A0cN6VPJrDP6C:5utVVhqC5mEhpkxrz6

Score

7^/10

themida

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

Processes:

resource	yara_rule
behavioral2/memory/1676-132-0x0000000000400000-0x0000000000B8B000-memory.dmp	themida

C:\Users\Admin\AppData\Local\Temp\27840e5f0f8b801d893ca3d3fae3c50388c14df378abd77582c0e40cb20dfab7.exe
"C:\Users\Admin\AppData\Local\Temp\27840e5f0f8b801d893ca3d3fae3c50388c14df378abd77582c0e40cb20dfab7.exe"
1⤵
PID:1676

memory/1676-132-0x0000000000400000-0x0000000000B8B000-memory.dmp

Filesize
7.5MB

Download