e0efd22108aa546a1bafb76adf2e23b4a0943e21fca5f35b0ab78b60d9422f90

Sharing

Copy URL Twitter E-mail

General

Target

e0efd22108aa546a1bafb76adf2e23b4a0943e21fca5f35b0ab78b60d9422f90
Size

4.4MB
MD5

30474b0f00bb5ac1c57874d93cd67b12
SHA1

20a5f63fdec96540ffa3591fbd920d703f3a6b43
SHA256

e0efd22108aa546a1bafb76adf2e23b4a0943e21fca5f35b0ab78b60d9422f90
SHA512

6f6cb8d2d00de6ec39704dc13d11400912054c47b119a79c864b7dd270e5bbcd16cb25a679ca5feb0c49528d8795d684664dcff01dbde70a18296573e011a0b4
SSDEEP

98304:A3gFLMzl3pJnpuBxWnTb2CwiabUhbXy9fkm1ypeuogfaTesVN:A3gFQFpJkwnHAipytqGxN

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0efd22108aa546a1bafb76adf2e23b4a0943e21fca5f35b0ab78b60d9422f90

Files

e0efd22108aa546a1bafb76adf2e23b4a0943e21fca5f35b0ab78b60d9422f90
.dll windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

add

Sections

Size: 77KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 24KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 433B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 135B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 159B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.exports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 77KB - Virtual size: 221KB

Size: 24KB - Virtual size: 75KB

Size: 433B - Virtual size: 8KB

Size: 6KB - Virtual size: 11KB

Size: 135B - Virtual size: 244B

Size: 159B - Virtual size: 248B

Size: 1KB - Virtual size: 1KB

.exports Size: 512B - Virtual size: 4KB

.imports Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 6.8MB

.boot Size: 4.3MB - Virtual size: 4.3MB

.exports
Size: 512B - Virtual size: 4KB

.imports
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 6.8MB

.boot
Size: 4.3MB - Virtual size: 4.3MB