3cbc5c718a7d9dd5509ce7d7b5331418 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cbc5c718a7d9dd5509ce7d7b5331418
Size

3.6MB
MD5

3cbc5c718a7d9dd5509ce7d7b5331418
SHA1

2435d8ee4892d89cf627547f857d4352fc8bd78d
SHA256

af4b088584c08795ad581df65be8dd91a9b6325027bf1fd7ddcc931304049ff8
SHA512

78d840967c8df9521b1e3c19e627ea05e09b541719f1c2e0261a612bdc82c75725ad0d7edbc730e42c7ff9dd7c7d58126e477338c18015cb5540969a6297f706
SSDEEP

49152:rtBYpvD24/klQbX6ZP2saGBvoY2SD2B+Crw03Nrtv2NPW:rt8vy4klQT6EHGeYTlCrl3KtW

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cbc5c718a7d9dd5509ce7d7b5331418

Files

3cbc5c718a7d9dd5509ce7d7b5331418
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 876B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 74KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 31B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE