b06c236a31a0d56e611edf835273b914e662d132c125798b4b449514f11b02ff

Sharing

Copy URL Twitter E-mail

General

Target

b06c236a31a0d56e611edf835273b914e662d132c125798b4b449514f11b02ff
Size

2.7MB
MD5

6bae6fd01a825aa2f03e35ebc4322740
SHA1

dabc34b46c902531cc0f69cf0083b2c1bacf217a
SHA256

b06c236a31a0d56e611edf835273b914e662d132c125798b4b449514f11b02ff
SHA512

4f5f792b1bd6da55e0c4e6725d1d1e71daa1e070a9f6d099f548abb965b7775afe77ad3be9663ac40337301c6efa75a834c7debd143255dbc6f2000e85bab828
SSDEEP

49152:9uwxda+vvcj82eYGPr/39MKjoZ6LFjHpPyIF5quaqvvKtfbmUb5h:9uwxM+ncj8HVPrVp0+jdyIFFaztCUb5h

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Files

b06c236a31a0d56e611edf835273b914e662d132c125798b4b449514f11b02ff
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 1.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 361KB - Virtual size: 984KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 70KB - Virtual size: 406KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 37KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 24B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 9B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 155KB - Virtual size: 978KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 1.9MB - Virtual size: 3.9MB

Size: 361KB - Virtual size: 984KB

Size: 70KB - Virtual size: 406KB

Size: 37KB - Virtual size: 137KB

Size: 24B - Virtual size: 28B

Size: 9B - Virtual size: 9B

Size: 155KB - Virtual size: 978KB

.debug Size: 512B - Virtual size: 4KB

.imports Size: 1KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 40KB - Virtual size: 40KB

.themida Size: - Virtual size: 4.5MB

.boot Size: 2.7MB - Virtual size: 2.7MB

.debug
Size: 512B - Virtual size: 4KB

.imports
Size: 1KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 40KB - Virtual size: 40KB

.themida
Size: - Virtual size: 4.5MB

.boot
Size: 2.7MB - Virtual size: 2.7MB