fc1d133e1b171452cf8f0534a3b6d5ddc149d8b6b990e060b2ef222f76c5e18a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc1d133e1b171452cf8f0534a3b6d5ddc149d8b6b990e060b2ef222f76c5e18a
Size

924KB
MD5

ee08b3dc3c8096895ca3c1d3b3e42622
SHA1

decee73183652577adf4a5d9736d638af9590c03
SHA256

fc1d133e1b171452cf8f0534a3b6d5ddc149d8b6b990e060b2ef222f76c5e18a
SHA512

51bfb7b559acd3f2dd13d3166fcb3dac74cd11e9497b0d311a7779e8c77d06b0f4b1222684fa61e01c2b59aa9832e1099630d6a3411403123037f9817137784f
SSDEEP

24576:WadxoWA1XrgUj+C/gtR3XY5915egkJfen:X0Qs+HY5tmGn

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Files

fc1d133e1b171452cf8f0534a3b6d5ddc149d8b6b990e060b2ef222f76c5e18a
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 44KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 836KB - Virtual size: 840KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE