a719b6410b2e125322b304e54d98ff5273d5e097aafce82f8acadca572d1c522 | Triage

Sharing

General

Target

a719b6410b2e125322b304e54d98ff5273d5e097aafce82f8acadca572d1c522
Size

3.4MB
MD5

8d4d05a643dbab697faa314703888b3f
SHA1

7e83439787a7f86015dae18900c29176a4d16064
SHA256

a719b6410b2e125322b304e54d98ff5273d5e097aafce82f8acadca572d1c522
SHA512

fbae5ef4278394d81cb0b31c82665fa95a4e6f5d51c125418ee81af0edcb3eca4210ec7c00820d5a1f4c54c05586257443a3511f61b486fd490e723f671d5515
SSDEEP

98304:10zS3vv3jirr3jjWiTaOvifviOrKXSUKnAVRGuUbjq8k6DY9CMW0K2+:1oXJKnfusRDY9tWk+

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a719b6410b2e125322b304e54d98ff5273d5e097aafce82f8acadca572d1c522

Files

a719b6410b2e125322b304e54d98ff5273d5e097aafce82f8acadca572d1c522
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 83KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 579KB - Virtual size: 578KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ