2d640e53d6e6d96266afb87c150403609c66d66ab1a5404c20efb13c85f9ae02[.]zip

General

Target

2d640e53d6e6d96266afb87c150403609c66d66ab1a5404c20efb13c85f9ae02.zip
Size

6.5MB
MD5

13216202081404960fb032c0ffb03cd8
SHA1

9549d916d42dbf9474f0e10f1ceab92d323d8ae0
SHA256

b43b03609b465f7214e2643839c04599117d454b03d8970ced7a045a7ee92068
SHA512

a147c90cf707cd72c75a1854f2a66f9ed3cbc144f40d1f7ae93c099d6ceec43be6c14de673e1a8f220563efb5bfa58ab72cf3b0142d6a78254cab8720b48ac1f
SSDEEP

196608:HQ92K0U8LAe7cI1iM0bc24eD0DFqQt36h8d9phrE6OuuiH:HQ92K0U8hwIP0d4I0DFqbhGHOudH

Score

7^/10

themida

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
static1/unpack001/2d640e53d6e6d96266afb87c150403609c66d66ab1a5404c20efb13c85f9ae02	themida

2d640e53d6e6d96266afb87c150403609c66d66ab1a5404c20efb13c85f9ae02.zip
.zip

Password: infected
2d640e53d6e6d96266afb87c150403609c66d66ab1a5404c20efb13c85f9ae02
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 489KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 8.6MB - Virtual size: 8.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE