69ad59eb283ce634c330f68ed6fe204c[.][.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

69ad59eb283ce634c330f68ed6fe204c..exe
Size

16.3MB
MD5

2c33cd6ff6116498518bd67db1b62d8d
SHA1

e97d046fdf91032ac17258faa89ad152289679d0
SHA256

3d897b600b9965a4160a7d3e4ca24d2918433cb28c44063dc18e2cfc31dbce61
SHA512

1e946c367d31f9ed3b49eb4b113d25ece8c9a71e379046c3ec5093f0c6f1edfd5f29b9c9edd51e4d56684e5a161fedf76ba8e21c3a523b0b62e2a42d2d29e588
SSDEEP

393216:nTKq8CHqkVtO60cShfW4MpAqI2D7gD0BU46YeyRvpTcDJ:TKU9Ir2p9I2D7g4BU4BeyhZc9

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69ad59eb283ce634c330f68ed6fe204c..exe

Files

69ad59eb283ce634c330f68ed6fe204c..exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 544KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 289KB - Virtual size: 437KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 12KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 23KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 27.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 15.4MB - Virtual size: 15.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 544KB - Virtual size: 1.2MB

Size: 289KB - Virtual size: 437KB

Size: 12KB - Virtual size: 115KB

Size: 23KB - Virtual size: 41KB

Size: 512B - Virtual size: 348B

Size: 2KB - Virtual size: 5KB

Size: 2KB - Virtual size: 3KB

.idata Size: 1024B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.themida Size: - Virtual size: 27.0MB

.boot Size: 15.4MB - Virtual size: 15.4MB

.reloc Size: 16B - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.themida
Size: - Virtual size: 27.0MB

.boot
Size: 15.4MB - Virtual size: 15.4MB

.reloc
Size: 16B - Virtual size: 4KB