13e58c2604fa529c6cc3e3d3ab155360 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13e58c2604fa529c6cc3e3d3ab155360
Size

1013KB
MD5

13e58c2604fa529c6cc3e3d3ab155360
SHA1

81113f985dcdd875b19bd33cdfa4666b791acb91
SHA256

e4250b15a5ac9fb8e20edec6fade0465c2bc91a1f369aaacdfe65203facde2c8
SHA512

4a008a59e3d478df1cad1ad09f69e6e732cc1539a22da279d60fc6963e6f07be0d6f680b309746d82fd3690a50253a1d0f53e5ff1ea6dc21c87077b932aa3d97
SSDEEP

24576:ubOz51EUon3SREa9DMDeJRCi+638EIfV3UECCqsvJKx68G:uQEUo3SR39R+638hllqsRK/G

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13e58c2604fa529c6cc3e3d3ab155360

Files

13e58c2604fa529c6cc3e3d3ab155360
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 472KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 13.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 903KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE