80541451835523103860ce4858b60e2240c1dfb9ca45a883a499d3aeb3a60b04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

80541451835523103860ce4858b60e2240c1dfb9ca45a883a499d3aeb3a60b04
Size

2.9MB
MD5

e50f93280710b7af19e409ddfe55869f
SHA1

be9729e123669cf9bf9f01720de0610e002ba523
SHA256

80541451835523103860ce4858b60e2240c1dfb9ca45a883a499d3aeb3a60b04
SHA512

814d9817746e65f5ee2e792d1c6e3cf799bbc34edfd1395b35d2bd0b938c5528add7e37b7c0deb82205943c8c2616289b2b2cb2d60e7b7bccefa3af4daa92ed5
SSDEEP

49152:obXKux6OyVA0x6Evzb16REJZ5DkMFncMFLFJiMATEsrh5xoy7yusimHJJhWkiqYu:ob6K6OIA0xTvzx6un5DkjyLFLUEtyGuC

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
static1/unpack001/Clean WeChat X_ᰮר/Clean WeChat X.exe	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Clean WeChat X_ᰮר/Clean WeChat X.exe

Files

80541451835523103860ce4858b60e2240c1dfb9ca45a883a499d3aeb3a60b04
.zip
Clean WeChat X_ᰮר/Clean WeChat X.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 340KB - Virtual size: 685KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 44KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 24KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ