905e7c4ae58e653594870f7fcbd190ae53b1f844143ddec1cbd6b184ad5e9750 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

905e7c4ae58e653594870f7fcbd190ae53b1f844143ddec1cbd6b184ad5e9750
Size

1.9MB
MD5

cbb49966db80d4186ed221499bb1174c
SHA1

e16bb2557dad8fa5286dcdbe54caffd3cdf61370
SHA256

905e7c4ae58e653594870f7fcbd190ae53b1f844143ddec1cbd6b184ad5e9750
SHA512

1a8dff6b8c050b29f97baf4314eb5ed5b54d6c9aab66381f8a33b2ad9b673559633e30d086b679e0ad20ccd470208d1cf8597185e4c99a97f4d76340181c3876
SSDEEP

49152:ESLYn66FYUqyOKsie6SWRjPSO5xJa0Z4GEw0rbDnfnJ/Xk:TMnfYPyOXp6/Rj6mTszHndk

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Files

905e7c4ae58e653594870f7fcbd190ae53b1f844143ddec1cbd6b184ad5e9750
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.9MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE