0960e78da487e90ea1c78027e7006a892fd64466d9531bdac8ee08956c3ae337

Resubmissions

06/11/2023, 03:30

231106-d2gp8agf8t 7

31/08/2022, 22:17

220831-17gczacdfr 7

Sharing

Copy URL

Twitter E-mail

General

Target

0960e78da487e90ea1c78027e7006a892fd64466d9531bdac8ee08956c3ae337
Size

3.3MB
MD5

499e09f4f5fb25988108e9558f6f25ac
SHA1

b3bd046112d7b53c52e1b7cc2d6a2f7b5631dd4c
SHA256

0960e78da487e90ea1c78027e7006a892fd64466d9531bdac8ee08956c3ae337
SHA512

211e2b1c5223bfc8d91b621ead09e3cf82eaec7ded4a39a87131a868bf74aafd45c91ff5d3533ddc2ee50cb3af59036782e13b64fbd9cff09754870e1cdd5829
SSDEEP

49152:z35Kt8+Nrm+Ac36aq8kqW8c7lrWUn5+pY01ye2hhIBsBetfNBNqlSgLgLNx2W2aL:0frmaKVfqWxxIWT0sQt1j7Nx2dFxc

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0960e78da487e90ea1c78027e7006a892fd64466d9531bdac8ee08956c3ae337

Files

0960e78da487e90ea1c78027e7006a892fd64466d9531bdac8ee08956c3ae337
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 146KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 59KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 132B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 267B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.taggant
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 146KB - Virtual size: 288KB

Size: 59KB - Virtual size: 127KB

Size: 1KB - Virtual size: 11KB

Size: 8KB - Virtual size: 14KB

Size: 132B - Virtual size: 244B

Size: 267B - Virtual size: 480B

Size: 1KB - Virtual size: 2KB

.imports Size: 1024B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.themida Size: - Virtual size: 4.5MB

.boot Size: 3.1MB - Virtual size: 3.1MB

.taggant Size: 8KB - Virtual size: 8KB

.imports
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.themida
Size: - Virtual size: 4.5MB

.boot
Size: 3.1MB - Virtual size: 3.1MB

.taggant
Size: 8KB - Virtual size: 8KB