CLICK TO GET IT fuck gs era , one on my screen romanian fakerss | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CLICK TO GET IT fuck gs era , one on my screen romanian fakerss
Size

12.7MB
MD5

2d0a94ae5014e1e0c75b71e878eec7e8
SHA1

2050993ac87b5c0a5395208c6f7ccd70ccba7a95
SHA256

521132c38b596beeae97abc2173f365653c8a99813c245ce0dafe52e6d652b8a
SHA512

ba44c5fc440a6b5d08f68aceeffa81d28ce415c14f82ab5db4e66af1b59128f8259e93c685a09202cad0326e4802c60c4235a97ef9d358628454a0fc21779dd1
SSDEEP

196608:etUGsj3lfNaOrm84lz1Nnzqe461pW1K/tjRLcg8spHUuMIH:PJnWz1N2CHW4/cLspHeK

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Files

CLICK TO GET IT fuck gs era , one on my screen romanian fakerss
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 12.7MB - Virtual size: 12.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE