bc455b9d0583cb0e8b51de60d3d0a8a4bc61cf443332c21aaef390b933bb2c83 | Triage

Sharing

General

Target

bc455b9d0583cb0e8b51de60d3d0a8a4bc61cf443332c21aaef390b933bb2c83
Size

1.2MB
MD5

4f6be23417c25c855fbe81bde6128111
SHA1

2e17f87976250370a17db83d5f07ad2da288681e
SHA256

bc455b9d0583cb0e8b51de60d3d0a8a4bc61cf443332c21aaef390b933bb2c83
SHA512

abb3d8ccb2f4733dcec1e4bbbc4613a498d4767aea97d58b9b653e30c10c1b719e4a3a06376b9636005746b564b25da6bc2175f9e502b8121a1e726d3a768bd7
SSDEEP

24576:LYDslEhWFOuZmPdWq1ite4pvl+4J4P/sg09wVBCahy:4OEAYqA4CXs9w+/

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Files

bc455b9d0583cb0e8b51de60d3d0a8a4bc61cf443332c21aaef390b933bb2c83
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 700KB - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 467KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE