1a2909a1b777484531a1871f2[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

1a2909a1b777484531a1871f2.bin
Size

4.3MB
MD5

26f3d1643b0dcbe69867f0ea3b1c9451
SHA1

7fe198b621e305693f9f2343fdddb9ce4e22bdf6
SHA256

d50d58019f49f14f0fca4d443742c49648727d6ae9d1a7aa08cbf9c2ed0ced4e
SHA512

245cb4e322cce9d39520b1062a110222dbeb818535b63f004bdce9b6f6bdc4ca09df81acbe8514b677b0f270bf310dab213d1a14f0ffdd380c2a9db3f531d1ce
SSDEEP

98304:QHa4sdL5QyjVGy9ZWAK2Rmvfr2sntYcp55AJ/mQBctJKTutFVFSe1le+mybW:Q6ayQyLW3tOhirKqtFqgle+mMW

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a2909a1b777484531a1871f2.bin

Files

1a2909a1b777484531a1871f2.bin
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 1.9MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 767KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 16KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 815B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 28KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 95KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 9.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 1.9MB - Virtual size: 4.7MB

Size: 767KB - Virtual size: 1.9MB

Size: 16KB - Virtual size: 82KB

Size: 1KB - Virtual size: 17KB

Size: 512B - Virtual size: 815B

Size: 512B - Virtual size: 270B

Size: 28KB - Virtual size: 140KB

Size: 95KB - Virtual size: 164KB

.idata Size: 2KB - Virtual size: 4KB

.tls Size: 1024B - Virtual size: 4KB

.rsrc Size: 117KB - Virtual size: 117KB

.themida Size: - Virtual size: 9.4MB

.boot Size: 6.3MB - Virtual size: 6.3MB

.reloc Size: 16B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.tls
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 117KB - Virtual size: 117KB

.themida
Size: - Virtual size: 9.4MB

.boot
Size: 6.3MB - Virtual size: 6.3MB

.reloc
Size: 16B - Virtual size: 4KB