Abbys Loader[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Abbys Loader.exe
Size

48.0MB
MD5

53007d004f679f232f1b8f315098a38a
SHA1

712a35d5f6383abc22b4982d44fb2f7af7946584
SHA256

7d8b4cad2c91c092452122b4df09dc2fe6101c3c824502f10c3cf619d71e0886
SHA512

fdd9eb6def7c0e9c2d3fbe50d6dd2db20b6c5fda82c309018de8a27f5a2249c5ff91a7ef41756093d122fd47eb8c5ece44d4bee266a64ac80fa42e11d8e51d6e
SSDEEP

786432:HhHx2UYH5eNtWSU7RuDp/vR+FhXcbcMfguMXqF0TKdaKggbGxn9LJtc3sMpo:ZVYZUUg/vRIcbcQPggaR9dtc85

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Abbys Loader.exe

Files

Abbys Loader.exe
.exe windows:4 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 22.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 11B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 44.8MB - Virtual size: 44.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 75KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 17B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.taggant
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: - Virtual size: 22.7MB

Size: - Virtual size: 191KB

Size: 11B - Virtual size: 8B

Size: 44.8MB - Virtual size: 44.8MB

Size: 75KB - Virtual size: 129KB

Size: 17B - Virtual size: 12B

.imports Size: 512B - Virtual size: 8KB

.rsrc Size: 130KB - Virtual size: 130KB

.themida Size: - Virtual size: 5.1MB

.boot Size: 3.0MB - Virtual size: 3.0MB

.taggant Size: 8KB - Virtual size: 8KB

.imports
Size: 512B - Virtual size: 8KB

.rsrc
Size: 130KB - Virtual size: 130KB

.themida
Size: - Virtual size: 5.1MB

.boot
Size: 3.0MB - Virtual size: 3.0MB

.taggant
Size: 8KB - Virtual size: 8KB