d1454240496f9a5aa780b8388dc3de7a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1454240496f9a5aa780b8388dc3de7a
Size

5.4MB
MD5

d1454240496f9a5aa780b8388dc3de7a
SHA1

d263781e69edceba438d1233c084956421f0c14d
SHA256

659432be1831e3cfcf306af88c89af635034cb3c2c36fc06e45b9601e980bfa5
SHA512

8e6e0865c9fbbf8c388355b9fad63b826cdf4d9e76b0f97ceddcefd7e3868a97be04dc2755af97cff69bb31b787b64dd7d63bb1701951ea38a477a6592710643
SSDEEP

98304:WFOj4UTkhn0bbveqZ3mDRZDzBYJZTZVaz3s185iAF8F8Mf9KSoVnJb7FHIMDzAt:c3UTkhn0bDX3wRrz3s5dV4rHIWAt

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1454240496f9a5aa780b8388dc3de7a

Files

d1454240496f9a5aa780b8388dc3de7a
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 670KB - Virtual size: 672KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 15B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 7.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.taggant
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ