modest-menu_v0[.]9[.]9_(Kiddionsmodmenu[.]com)_[.]zip | Triage

Sharing

General

Target

modest-menu_v0.9.9_(Kiddionsmodmenu.com)_.zip
Size

13.3MB
MD5

65b1b713197fe21f70f9159b6efa3f81
SHA1

9d309e2d750aeb887f5c702d378408bfd543fc9a
SHA256

bc36e8a60fecff1ec9c7f4598622ac83e1449ba6e968b9d0b65e3739a2d69279
SHA512

777b77653567a692560eb138b81b2a9254069eb5d0da9f162b87196db8482278061ceb8cf748e3b899810ab1382b7c06e58ea38a6708ae60f661dbd00054761d
SSDEEP

196608:Y9PVPbwP7SS9PrVxdzdKKTAM2cxpeCJg6SRxe+H/14dzkW4zDg6TA4alTzJH:Y95b9OzVx/KKX28gug6SRvQ4/A4alTz9

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
static1/unpack001/modest-menu.exe	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/modest-menu.exe

Files

modest-menu_v0.9.9_(Kiddionsmodmenu.com)_.zip
.zip
config.json
modest-menu.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 914KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 72KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 23KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 18.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 12.4MB - Virtual size: 12.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
scripts/Readme.api
scripts/demo.lua
scripts/sirius.lua.example
scripts/vehicle.lua
scripts/weapon.lua
themes.json