50116f7f4b47ff524b44e8eac7f965b8cd0b42a20427a39ccb1984737b4e3a95 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

50116f7f4b47ff524b44e8eac7f965b8cd0b42a20427a39ccb1984737b4e3a95
Size

2.3MB
MD5

2d75f797fa538b8a6e09fc3e815b0bc9
SHA1

f8be53da9625a24f4b63fd45c39e159e811e8944
SHA256

50116f7f4b47ff524b44e8eac7f965b8cd0b42a20427a39ccb1984737b4e3a95
SHA512

a557c3966434cdfe9b60cbc3c572182c69569a2a2d54954f06ed3da7005a7e57cb52f7c97ebcd170d959da7902ff4dba97d0ee509185c5b0963eab20ed346795
SSDEEP

49152:SWQJ3uGA/GhR1GkgopcOK2StIDQF90TjwrMowUDz49DLVdiap6gxv:Sf3uGAWGrOmRF90gTz493VdTF9

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50116f7f4b47ff524b44e8eac7f965b8cd0b42a20427a39ccb1984737b4e3a95

Files

50116f7f4b47ff524b44e8eac7f965b8cd0b42a20427a39ccb1984737b4e3a95
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ