12fc0ef49c355a2b09455cb2d7ab2083 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12fc0ef49c355a2b09455cb2d7ab2083
Size

2.7MB
MD5

12fc0ef49c355a2b09455cb2d7ab2083
SHA1

58139dca7c8049641deb384a2b6b43028e8df6df
SHA256

e0e278c59e35e883c111e91e015e47d1438bf8785b3ba61674de81c5b6515527
SHA512

2ac77d7d5636765a55bc04743ee6f67464b58fe4aa44e8a954784b5258a362722039067c97340608578cc3b48396a84c66fa183d30f90227db4884d1a1a0da50
SSDEEP

49152:5gXQkCu4Cvb/7VTWwdiijG+G0xJT4gLQbPvDRyiHTfkH9s:5goYvb/70Cv9JT4gETvNjbd

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12fc0ef49c355a2b09455cb2d7ab2083

Files

12fc0ef49c355a2b09455cb2d7ab2083
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 340KB - Virtual size: 672KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 2.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE