cartridge[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

cartridge.zip
Size

4.6MB
MD5

53e9613652ed5b34830e74171d380f02
SHA1

c4d5ea31c02f6b25475f4581a92b8241ed6f7fe8
SHA256

bbdaef0537d15c539f20d5807ccb8cc708a71fc93ab7f77935f94eafd5b87aa2
SHA512

4e2384816e9daf3bddb06cd909d755486361e7b01cf74bfeb93a8bab6dc88ec8cbc71743d0fb06080b5384706fce8ffcbdb51b3bfd5c35832159dcad17701629
SSDEEP

98304:yMP+clVnUeLivZpEjjWR10rRtQCv0rpLHpyhKzhlnC0KN:yMG4ytZKnWE910eKzhlnCnN

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
static1/unpack001/cartridge.exe	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cartridge.exe

Files

cartridge.zip
.zip
cartridge.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 386KB - Virtual size: 897KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 88KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 122B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 11B - Virtual size: 249B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 22B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 386KB - Virtual size: 897KB

Size: 88KB - Virtual size: 181KB

Size: 122B - Virtual size: 2KB

Size: 8KB - Virtual size: 13KB

Size: 11B - Virtual size: 249B

Size: 22B - Virtual size: 32B

Size: 2KB - Virtual size: 3KB

.imports Size: 1KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 5.9MB

.boot Size: 4.1MB - Virtual size: 4.1MB

.reloc Size: 16B - Virtual size: 4KB

.imports
Size: 1KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 5.9MB

.boot
Size: 4.1MB - Virtual size: 4.1MB

.reloc
Size: 16B - Virtual size: 4KB