874e2ffa85bf4a2b66018cf8fc27fb5338d7f111cf4471bf5c2df6dbf3d3e1d6

Sharing

Copy URL Twitter E-mail

General

Target

874e2ffa85bf4a2b66018cf8fc27fb5338d7f111cf4471bf5c2df6dbf3d3e1d6
Size

7.3MB
MD5

2edbbbf500448a2e906b6f60f3115858
SHA1

2044c7522fa475432868dd560d97b045f5bc9795
SHA256

874e2ffa85bf4a2b66018cf8fc27fb5338d7f111cf4471bf5c2df6dbf3d3e1d6
SHA512

22eed409c76140ea9c60a9899891ae33c727a17541512d691ef580b19a2d1a2c48d837c48c0e6efb8c370d6b62d0cdd15a4fd208fcff13cc6c63e922874c60a7
SSDEEP

98304:YncphomKna8bmJYnu0+zpu9ZX1zeiqMRkZRQpoLU6cAT9z13n/5xSZJQO:mFmEazJYnVdZteR4oo6vT91v/8T

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
874e2ffa85bf4a2b66018cf8fc27fb5338d7f111cf4471bf5c2df6dbf3d3e1d6

Files

874e2ffa85bf4a2b66018cf8fc27fb5338d7f111cf4471bf5c2df6dbf3d3e1d6
.exe windows:6 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 802KB - Virtual size: 801KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 649KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 778KB - Virtual size: 778KB

.rdata Size: 802KB - Virtual size: 801KB

.data Size: 649KB - Virtual size: 656KB

.idata Size: 5KB - Virtual size: 4KB

.tls Size: 1024B - Virtual size: 777B

.00cfg Size: 512B - Virtual size: 270B

.reloc Size: 34KB - Virtual size: 34KB

.imports Size: 512B - Virtual size: 4KB

.tls Size: 1024B - Virtual size: 4KB

.themida Size: 5.1MB - Virtual size: 5.1MB

.reloc Size: 16B - Virtual size: 4KB

.text
Size: 778KB - Virtual size: 778KB

.rdata
Size: 802KB - Virtual size: 801KB

.data
Size: 649KB - Virtual size: 656KB

.idata
Size: 5KB - Virtual size: 4KB

.tls
Size: 1024B - Virtual size: 777B

.00cfg
Size: 512B - Virtual size: 270B

.reloc
Size: 34KB - Virtual size: 34KB

.imports
Size: 512B - Virtual size: 4KB

.tls
Size: 1024B - Virtual size: 4KB

.themida
Size: 5.1MB - Virtual size: 5.1MB

.reloc
Size: 16B - Virtual size: 4KB