0533c20227a52736f4724dee4166cb49e8c66c5e4ffe1716c56ae76ccb1e3b65

Sharing

Copy URL Twitter E-mail

General

Target

0533c20227a52736f4724dee4166cb49e8c66c5e4ffe1716c56ae76ccb1e3b65
Size

3.4MB
MD5

6763f7241d753aa95c60c3a0e1751dd6
SHA1

908fc544c87f14a8d47c81b35100390c5735b340
SHA256

0533c20227a52736f4724dee4166cb49e8c66c5e4ffe1716c56ae76ccb1e3b65
SHA512

51c686f987792d2beea4d073b1e5afb0cb36ed88ebe4b944f4695d9f7edea15afb30e11b844365ba05e82e676b2ed2dc4889842b9bbcb9de80ee8a4ed968813b
SSDEEP

49152:J82rTLPyZ0UgAQeDzkM/4MGE55BKMevHqDmu939VpcfpATd9z6sVFgkwfOlmdQZO:J8+NQQePV4BaKTvOmgNDc+TT65BOc

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0533c20227a52736f4724dee4166cb49e8c66c5e4ffe1716c56ae76ccb1e3b65

Files

0533c20227a52736f4724dee4166cb49e8c66c5e4ffe1716c56ae76ccb1e3b65
.sys windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 25KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 210KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 40KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 19KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 25KB - Virtual size: 56KB

Size: 210KB - Virtual size: 482KB

Size: 40KB - Virtual size: 93KB

Size: 2KB - Virtual size: 3KB

Size: 19KB - Virtual size: 39KB

Size: 1024B - Virtual size: 1KB

Size: 1KB - Virtual size: 2KB

Size: 512B - Virtual size: 96B

.idata Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.themida Size: - Virtual size: 5.7MB

.boot Size: 3.1MB - Virtual size: 3.1MB

.idata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.themida
Size: - Virtual size: 5.7MB

.boot
Size: 3.1MB - Virtual size: 3.1MB